Mi aplicación web utilizando spring security para la autenticación y autorización en base a la base de datos. He configurado el este como:
Este es mi web.xml archivo de la que me introdujo applicationContext.xml y applicationContext-
security.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee  http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         id="WebApp_ID" version="2.5">

    <display-name>Struts2Example14</display-name>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
            /WEB-INF/applicationContext.xml
            /WEB-INF/applicationContext-security.xml
        </param-value>
    </context-param>

    <filter>
        <filter-name>struts2</filter-name>
        <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
    </filter>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <filter-mapping>
        <filter-name>struts2</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>
</web-app>

este es mi applicationContextSecurity.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:sec="http://www.springframework.org/schema/security"
       xmlns:beans="http://www.springframework.org/schema/mvc"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
        http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">

    <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName" value="oracle.jdbc.driver.OracleDriver"/>
        <property name="url" value="jdbc:oracle:thin:@10.60.2.4:1521:agribase"/>
        <property name="username" value="sabka"/>
        <property name="password" value="sabka"/>
    </bean>

    <sec:http use-expressions="true">
        <sec:intercept-url pattern="/secured/**" access="ROLE_USER"/>
        <sec:intercept-url pattern="/admin/*" access="ROLE_ADMIN"/>
        <sec:form-login login-page="/jsp/homePage.jsp"
                        authentication-failure-url="/jsp/homePage.jsp"
                        default-target-url="/jsp/homePage.jsp"/>
    </sec:http>

    <sec:authentication-manager>
        <sec:authentication-provider>
            <sec:jdbc-user-service
                data-source-ref="dataSource"
                users-by-username-query="
                    SELECT username,password, enabled FROM users WHERE username=?"
                authorities-by-username-query="
                    SELECT u.username, ur.authority
                    FROM users u, user_roles ur WHERE u.user_id = ur.user_id AND u.username=?"/>
        </sec:authentication-provider>
    </sec:authentication-manager>
</beans>

cuando yo ejecute eclipse aparece este error:

Unexpected exception parsing XML document from ServletContext resource [/WEB-    INF/applicationContext-security.xml];  

nested exception is org.springframework.beans.BeanInstantiationException:Could not instantiate bean class
[org.springframework.security.config.SecurityNamespaceHandler]:Constructor threw   exception;  

nested exception is java.lang.NoClassDefFoundError:  org/springframework/aop/config/AbstractInterceptorDrivenBeanDefinitionDecorator

este es mi classpath:

<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src"/>
<classpathentry kind="src" path="WebContent/WEB-INF"/>
<classpathentry exported="true" kind="con"  path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.St andardVMType/jre6">
<attributes>
<attribute name="owner.project.facets" value="java"/>
</attributes>
</classpathentry>
<classpathentry exported="true" kind="con" path="org.eclipse.jst.server.core.container/org.eclipse.jst.server.tomcat.runtimeTarget/Apache Tomcat v6.0">
<attributes>
<attribute name="owner.project.facets" value="jst.web"/>
</attributes>
</classpathentry>
<classpathentry exported="true" kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
<classpathentry exported="true" kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
<classpathentry exported="true" kind="lib" path="//10.60.2.7/Sabka/lib/ojdbc14.jar"/>
<classpathentry exported="true" kind="lib" path="//10.60.2.7/Sabka/lib/ojdbc14dms.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/antlr-runtime-3.0.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/commons-fileupload-1.2.1.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/commons-io-1.3.2.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/commons-logging-1.1.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/freemarker-2.3.13.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/junit-3.8.1.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/ognl-2.6.11.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.asm-3.0.0.M3.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.beans-3.0.0.M3.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.context-3.0.0.M3.jar"/>
<classpathentry exported="true" kind="lib" path="D:/SpringWS/SpringStruts2/WebContent/WEB-INF/lib/org.springframework.core-3.0.0.M3.jar"/>

InformationsquelleAutor roland duff | 2013-03-05

2 Comentarios

  1. 1

    ¿Incluye el spring aop jar-file en el classpath?

    • No, no he utilizado aop, así que no tengo aop archivos jar
    • Spring security utiliza AOP debajo de las cubiertas, así que intente agregar la primavera-aop jar-file. Que debería resolver su problema actual.
    • que problema resuelto, ahora este es el problema: excepción Inesperada de análisis de documento XML de ServletContext de recursos [/WEB-INF/applicationContext-security.xml]; excepciones anidadas es java.lang.NoSuchMethodError: org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.getLocalName(Lorg/w3c/dom/Node;)Ljava/lang/String;
    • java.lang.NoSuchMethodError: org.springframework.beans.factory.xml.BeanDefinitionParserDelegate.getLocalName(Lorg/w3c/dom/Node;)Ljava/lang/String;
    • uso spring-security3.x.jar. Usted podría utilizar la versión anterior
    • No, que es de 3.X, he copiado mi classpath a la pregunta

  2. 3

    Este ejemplo muestra el uso de spring 3.2 con Spring Security 3.1 y Hibernate 4.1.9.

    incluir la siguiente dependencia en su pom.xml

            <!-- spring dependency-->
    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-context-support</artifactId>
    <version>${spring.framework.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-orm</artifactId>
    <version>${spring.framework.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-core</artifactId>
    <version>${spring.framework.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-web</artifactId>
    <version>${spring.framework.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-webmvc</artifactId>
    <version>${spring.framework.version}</version>
    </dependency>
    <!-- START: Spring security -->
    <dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-core</artifactId>
    <version>${spring.security.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
    <version>${spring.security.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>${spring.security.version}</version>
    </dependency>
    <dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-taglibs</artifactId>
    <version>${spring.security.version}</version>
    </dependency>
    <!-- END: Spring security -->

    en web.xml

     <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/spring/root-context.xml,/WEB-INF/spring/spring-security.xml</param-value>
    </context-param>
    <!-- START: Spring Security -->
    <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    <!-- END: Spring Security -->

    spring-security.xml

    <http auto-config="true" access-denied-page="/denied">
    <intercept-url pattern="/role1/*" access="ROLE1" />
    <intercept-url pattern="/role2/*" access="ROLE2" />
    <intercept-url pattern="/role3/*" access="ROLE3" />
    <intercept-url pattern="/home" access="ROLE1,ROLE2,ROLE3"/>        
    <form-login login-page="/login" default-target-url="/home"
    authentication-failure-url="/loginfailed" />
    <logout
    invalidate-session="true"
    delete-cookies="SPRING_SECURITY_REMEMBER_ME_COOKIE"
    logout-success-url="/index"></logout>
    </http>
    <beans:bean class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
    <authentication-manager >
    <authentication-provider ref="authProvider"></authentication-provider>  
    </authentication-manager>
    <beans:bean id="authProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <beans:property name="userDetailsService" ref="userDetailsServiceImpl" />
    <beans:property name="passwordEncoder" ref="encoder" />
    </beans:bean>
    <!-- For hashing and salting user passwords -->
    <beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>

    En mvc.xml

        <security:global-method-security secured-annotations="enabled"/>
    <bean id="userDetailsServiceImpl" class="com.service.UserDetailsServiceImpl">
    <property name="sessionFactory" ref="sessionFactory"></property>
    </bean>

    en UserDetailsServiceImpl

        @Service
    @Transactional(readOnly = true)
    public class UserDetailsServiceImpl implements UserDetailsService {
    UserDao userDAO = new UserDaoImpl();
    public UserDetails loadUserByUsername(String userName)
    throws UsernameNotFoundException {
    Users domainUser = userDAO.getUser(userName);
    Roles role = domainUser.getRoles();
    boolean enabled = true;
    boolean accountNonExpired = true;
    boolean credentialsNonExpired = true;
    boolean accountNonLocked = true;
    return new User(domainUser.getUsername(),
    domainUser.getUsersPassword(), enabled, accountNonExpired,
    credentialsNonExpired, accountNonLocked,
    getAuthorities(role.getRoleName()));
    }
    public Collection<? extends GrantedAuthority> getAuthorities(String role) {
    List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
    return authList;
    }
    public List<String> getRoles(String role) {
    List<String> roles = new ArrayList<String>();
    if ("ROLE1".equals(role)) {
    roles.add("ROLE1");
    } else if ("ROLE2".equals(role)) {
    roles.add("ROLE2");
    }
    else if ("ROLE3".equals(role)) {
    roles.add("ROLE3");
    }
    return roles;
    }
    public static List<GrantedAuthority> getGrantedAuthorities(
    List<String> roles) {
    List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
    for (String role : roles) {
    authorities.add(new SimpleGrantedAuthority(role));
    }
    return authorities;
    }

    Ahora que usted necesita para hacer un método en dao para obtener usuario pojo basado en nombre de usuario. Entonces funcionará bien

    • Traté de usar la misma configuración de seguridad de la siguiente manera: <frijoles:bean id=»encoder» clase=»org.springframework.de seguridad.crypto.bcrypt.BCryptPasswordEncoder»/>
    • Pero su lanzando un error como : Causada por: org.springframework.los frijoles.NotWritablePropertyException: de propiedad no Válido ‘passwordEncoder’ de la clase de bean [com.ipms.servicio.impl.CustomUserDetailsService]: Bean propiedad ‘passwordEncoder’ no es modificable o no válido método setter. ¿El tipo de parámetro de la carta coincide con el tipo de retorno de la función de captador?

Dejar respuesta

Please enter your comment!
Please enter your name here