问题:
基于数据库的Spring Security认证与授权
上官季
我的web应用程序正在使用spring security进行基于数据库的身份验证和授权。我的配置如下:这是我的web.xml文件,我引入了applicationcontext.xml和applicationcontext-security.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<display-name>Struts2Example14</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
这是我的ApplicationContextSecurity.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="oracle.jdbc.driver.OracleDriver"/>
<property name="url" value="jdbc:oracle:thin:@10.60.2.4:1521:agribase"/>
<property name="username" value="sabka"/>
<property name="password" value="sabka"/>
</bean>
<sec:http use-expressions="true">
<sec:intercept-url pattern="/secured/**" access="ROLE_USER"/>
<sec:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
<sec:form-login login-page="/jsp/homePage.jsp"
authentication-failure-url="/jsp/homePage.jsp"
default-target-url="/jsp/homePage.jsp"/>
</sec:http>
<sec:authentication-manager>
<sec:authentication-provider>
<sec:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="
SELECT username,password, enabled FROM users WHERE username=?"
authorities-by-username-query="
SELECT u.username, ur.authority
FROM users u, user_roles ur WHERE u.user_id = ur.user_id AND u.username=?"/>
</sec:authentication-provider>
</sec:authentication-manager>
</beans>
Unexpected exception parsing XML document from ServletContext resource [/WEB- INF/applicationContext-security.xml];
nested exception is org.springframework.beans.BeanInstantiationException:Could not instantiate bean class
[org.springframework.security.config.SecurityNamespaceHandler]:Constructor threw exception;
nested exception is java.lang.NoClassDefFoundError: org/springframework/aop/config/AbstractInterceptorDrivenBeanDefinitionDecorator
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src"/>
<classpathentry kind="src" path="WebContent/WEB-INF"/>
<classpathentry exported="true" kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.St andardVMType/jre6">
<attributes>
<attribute name="owner.project.facets" value="java"/>
</attributes>
</classpathentry>
<classpathentry exported="true" kind="con" path="org.eclipse.jst.server.core.container/org.eclipse.jst.server.tomcat.runtimeTarget/Apache Tomcat v6.0">
<attributes>
<attribute name="owner.project.facets" value="jst.web"/>
</attributes>
</classpathentry>
<classpathentry exported="true" kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
<classpathentry exported="true" kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
<classpathentry exported="true" kind="lib" path="//10.60.2.7/Sabka/lib/ojdbc14.jar"/>
<classpathentry exported="true" kind="lib" path="//10.60.2.7/Sabka/lib/ojdbc14dms.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/antlr-runtime-3.0.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/commons-fileupload-1.2.1.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/commons-io-1.3.2.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/commons-logging-1.1.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/freemarker-2.3.13.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/junit-3.8.1.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/ognl-2.6.11.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.asm-3.0.0.M3.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.beans-3.0.0.M3.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.context-3.0.0.M3.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.core-3.0.0.M3.jar"/>
共有1个答案
萧业
在类路径中包含了spring aop jar文件吗?
类似资料:
-
Authentication, authorization, and permissions (认证,授权和权限) Access control concepts (访问控制的概念) General process (一般流程) Exposing and hiding models, methods, and endpoints (揭露和隐藏模式,方法和触发点) Hiding methods an
-
我真的很难找到一个AWS设计,让我: 使用REST(不使用AWS sdk库)向cognito验证实体。 cognito的RESTAPI需要识别实体并根据实体返回结果。例如,像“getOrders”这样的api将返回与已登录的实体关联的订单 经评估的解决方案: > 具有作用域的oAuth身份验证无法解决此场景。实体必须使用appclientId和secret进行身份验证,因此不清楚如何区分实体(为所
-
我们在 remember-me-hash上,基于 Form 表单的方式,来实现基于散列的令牌方法的 Remember-Me 认证,我们新建一个 jwt-authentication项目。 build.gradle 修改 build.gradle 文件,让我们的remember-me-hash项目成为一个新的项目。 修改内容也比较简单,修改项目名称及版本即可。 jar { baseName
-
问题内容: 我知道有三种不同的,流行的非SQL数据库类型。 键/值:Redis,Tokyo Cabinet,Memcached ColumnFamily:Cassandra,HBase 文件:MongoDB,CouchDB 我已经读了很长的博客,但对它的了解却很少。 我知道关系数据库,并且在MongoDB / CouchDB等基于文档的数据库中徘徊。 谁能告诉我这些和清单上的两个前者之间的主要区别
-
本文向大家介绍Spring Cloud下基于OAUTH2认证授权的实现示例,包括了Spring Cloud下基于OAUTH2认证授权的实现示例的使用技巧和注意事项,需要的朋友参考一下 在Spring Cloud需要使用OAUTH2来实现多个微服务的统一认证授权,通过向OAUTH服务发送某个类型的grant type进行集中认证和授权,从而获得access_token,而这个token是受其他微服务
-
我最近读了不少关于微服务的文章,尤其是关于AuthN和Authz的文章。在很大程度上,这一切都很有意义,我可以看到这一切应该如何工作。 (注意--现在我只实现了客户端凭据授予和资源所有者密码凭据授予,因为我只是想看看它是如何工作的,而且用curl调用它们更容易。但我不知道这有什么不同)