Spring security2 安全配置

最新推荐文章于 2024-08-07 11:15:21 发布
最新推荐文章于 2024-08-07 11:15:21 发布
阅读量118 收藏
点赞数
分类专栏: Web Spring 文章标签: java ui
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/iteye_265/article/details/82295759
版权
在Spring配置过程中,我遇到了创建Bean出错的问题,错误如下:
[quote]
2012-03-09 08:58:31,330 ERROR (org.springframework.web.context.ContextLoader:215) - Context initialization failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainProxy': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_rememberMeFilter' while setting bean property 'filters' with key [6]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:480)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:429)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:728)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:380)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3727)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4162)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1012)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1012)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:275)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_filterChainList': Cannot resolve reference to bean '_rememberMeFilter' while setting bean property 'filters' with key [6]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:287)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:126)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at org.springframework.security.config.FilterChainProxyPostProcessor.postProcessBeforeInitialization(FilterChainProxyPostProcessor.java:52)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:350)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1331)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
... 29 more
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeFilter': Cannot resolve reference to bean '_rememberMeServices' while setting bean property 'rememberMeServices'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_rememberMeServices': Initialization of bean failed; nested exception is org.springframework.security.config.SecurityConfigurationException: More than one UserDetailsService registered. Please use a specific Id in your configuration
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:269)
... 47 more
[/quote]
我的DBSource是自己定义的,不是用的Spring的JDBC用的是IBatic的数据源,这个问题导致我工作2、3天没有进展,试过各种方法,最后发现是配置文件的问题。具体原因是配置文件中多配置了: 

   <b:authentication-provider>
       <b:password-encoder hash="md5"/>
       <b:jdbc-user-service data-source-ref="dataSource"/>
   </b:authentication-provider>

去掉后,一切正常。现将正确的配置贴出来,以备后用。 

<?xml version="1.0" encoding="UTF-8"?>
<!--
  - Application context containing authentication, channel
  - security and web URI beans.
  -
  - Only used by "filter" artifact.
  -
  - $Id: applicationContext-acegi-security.xml 1425 2006-04-28 06:43:50Z benalex $
  -->

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:b="http://www.springframework.org/schema/security"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd
                        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd" default-autowire="byName">
    <b:http auto-config="true" realm="Contacts Realm" access-denied-page="/accessDenied.jsp">
        <b:intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <b:intercept-url pattern="/index.html" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
        <b:intercept-url pattern="/Login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/> 
        <b:intercept-url pattern="/image/**" filters="none"/>
        <b:intercept-url pattern="/common/**" filters="none"/>
        <b:intercept-url pattern="/scripts/**" filters="none"/>
        <b:intercept-url pattern="/welcome.jsp" filters="none"/>   
        <b:intercept-url pattern="/js/**" filters="none"/>
        <b:intercept-url pattern="/j_spring_security_switch_user" access="ROLE_SUPERVISOR"/>
        <b:intercept-url pattern="/**" access="ROLE_USER"/>

        <b:form-login login-page="/Login.jsp"/>
        <b:logout logout-success-url="/Login.jsp"/>
    </b:http>

   <!-- b:authentication-provider>
       <b:password-encoder hash="md5"/>
       <b:jdbc-user-service data-source-ref="dataSource"/>
   </b:authentication-provider  -->

   <bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
   		<b:custom-filter before="AUTHENTICATION_PROCESSING_FILTER"/>
   		<property name="authenticationManager" ref="authenticationManager"></property>
   		<property name="authenticationFailureUrl" value="/spring_security_login"/>
   		<property name="defaultTargetUrl" value="/main.action" />
   </bean>
   <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
	   	<property name="providers">
	   		<list>
	   			<ref local="daoAuthenticationProvider"/>
	   		</list>
	   	</property>
   </bean>
   <bean id="daoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
   		<property name="userDetailsService" ref="userService"/>
   		<property name="userCache" ref="userCache"/>
   </bean>
   <bean id="userCache" class="org.springframework.security.providers.dao.cache.EhCacheBasedUserCache">
   		<property name="cache" ref="userCacheBacked"/>
   </bean>
   <bean id="userCacheBacked" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
   		<property name="cacheManager" ref="cacheManager"/>
   		<property name="cacheName" value="userCache"/>
   </bean>
   <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
   		<property name="configLocation" value="classpath:ehcache-security.xml"/>
   </bean>
   <bean id="filterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
   		<b:custom-filter before="FILTER_SECURITY_INTERCEPTOR"/>
   		<property name="authenticationManager" ref="authenticationManager"/>
   		<property name="accessDecisionManager" ref="accessDecisionManager"/>
   		<property name="objectDefinitionSource" ref="databaseFilterInvocationDefinitionSource"/>
   </bean>
   <bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
   		<property name="decisionVoters">
			<list>
				<bean class="org.springframework.security.vote.RoleVoter">
					<property name="rolePrefix" value=""/>
				</bean>
			</list>
   		</property>
   </bean>
   <bean id="databaseFilterInvocationDefinitionSource" class="org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource">
   		<constructor-arg type="org.springframework.security.util.UrlMatcher" ref="antUrlPathMatcher"/>
   		<constructor-arg type="java.util.LinkedHashMap" ref="requestMap"/>
   </bean>
   <bean id="antUrlPathMatcher" class="org.springframework.security.util.AntUrlPathMatcher"/>
   <bean id="requestMap" class="cn.com.pzhsteel.service.SpringSecurityConfigServiceImp" init-method="init">
   		<property name="roleDB" ref="roleDAO"/>
   </bean>
   <!-- bean id="methodSeurityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
   		<property name="authenticationManager" ref="authenticationManager"/>
   		<property name="accessDecisionManager" ref="accessDecisionManager"/>
   		<property name="objectDefinitionSource" ref=""/>
   </bean-->

   <!-- Automatically receives AuthenticationEvent messages -->
   <bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/>

   <!-- Filter used to switch the user context. Note: the switch and exit url must be secured
        based on the role granted the ability to 'switch' to another user -->
   <!-- In this example 'rod' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
   <bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter" autowire="byType">
       <b:custom-filter position="SWITCH_USER_FILTER"/>       
       <property name="targetUrl" value="/secure/index.htm"/>
   </bean>
</beans>

iteye_265
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
SpringSecurity配置
qq_45733154的博客
10-19 8214
SpringSecurity配置与使用
禁用SpringSecurity安全配置
可爱的程序yuan
10-23 3015
在启动类上加下面注解。 @SpringBootApplication(exclude = {SecurityAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class}) 也可以在配置文件中配置用户名和密码。 spring: #Activiti property configuration activiti: database-schema-update: true history-le...
Spring Security安全配置
coolshyman的博客
07-25 1996
而使用持久化Token的方式相对安全,用户每登录一次都会生成新的Token和Cookie,但也给盗用者留下了在用户进行第2次登录前进行恶意操作的机会,只有在用户进行第2次登录并更新Token和Cookie时,才会避免这种问题。持久化Token的方式与简单加密Token的方式在实现Remember -Me功能上大体相同,都是在用户选择[记住我]并成功登录后,将生成的Token存入Cookie中并发送到客户端浏览器,在下次用户通过同一客户端访问系统时,系统将直接从客户端Cookie中读取Token进行认证。
Spring Boot安全管理—Spring Security基本配置
m0_58815972的博客
08-19 2807
Spring Security基本配置
Spring Security——基于XML配置
戏拈秃笔的博客
11-23 1274
Spring Security安全框架,必须登录成功才能访问指定资源)
Spring Security 详解
热门推荐
qq_22075913的博客
06-06 11万+
Spring SecuritySpring家族中的一个安全管理框架。相比与另外一个安全框架Shiro,它提供了更丰富的功能,社区资源也比Shiro丰富。一般来说中大型的项目都是使用SpringSecurity来做安全框架。小项目有Shiro的比较多,因为相比与SpringSecurity,Shiro的上手更加的简单。​ 一般Web应用的需要进行认证和授权。​ 而认证和授权也是SpringSecurity作为安全框架的核心功能。视频地址:​ 我们先要搭建一个简单的SpringBoot工程① 设置父工
SpringSecurity安全框架
晴天的博客
05-08 2189
Spring Security是一款主要解决了认证和授权相关处理的安全框架 认证: 验证用户身份, 例如在登录过程中验证用户名与密码是否匹配 授权: 使得用户允许访问服务器的某些资源, 或禁止访问某些资源 Spring Boot Security是在Sp
SpringSecurity
Java 技术专栏,从入门到精通,熟悉企业级开发
04-20 1万+
一般来说,Web 应用的安全性包括用户认证(Authentication)和用户授权 (Authorization)两个部分,这两点也是 Spring Security 重要核心功能。(1)用户认证指的是:验证某个用户是否为系统中的合法主体,也就是说用户能否访问 该系统。用户认证一般要求用户提供用户名和密码。系统通过校验用户名和密码来完成认 证过程。通俗点说就是系统认为用户是否能登录。(2)用户授权指的是验证某个用户是否有权限执行某个操作。在一个系统中,不同用户 所具有的权限是不同的。
Spring Security Oauth2 认证流程
山巅
09-16 4067
spring security oauth2 登录源码分析一、org.springframework.security.web.authentication.www.BasicAuthenticationFilter的功能二、org.springframework.security.oauth2.provider.endpoint.TokenEndpoint1、org.springframework.security.oauth2.provider.endpoint.TokenEndpoint 转换成tok
SpringSecurity安全性框架详解
weixin_48530729的博客
04-30 3901
SpringSecurity简介 Spring Security是一个高度自定义的安全框架。利用 Spring IoC/DI和AOP功能,为系统提供了声明式安全访问控制功能,减少了为系统安全而编写大量重复代码的工作。使用 Spring Secruity 的原因有很多,但大部分都是发现了 javaEE的 Servlet 规范或 EJB 规范中的安全功能缺乏典型企业应用场景。同时认识到他们在 WAR 或 EAR 级别无法移植。因此如果你更换服务器环境,还有大量工作去重新配置你的应用程序。使用 Spring Se
J031_使用TCP协议支持与多个客户端同时通信
lzn20161229的博客
08-03 446
使用TCP协议支持与多个客户端同时通信。
Spring Boot】高效配置管理: 易用性与灵活性并重
weixin_68020300的博客
08-07 985
本文探讨了Spring Boot中多样化的配置读取方法及其应用场景,强调了配置管理的重要性,并展示了Spring Boot如何通过灵活多变的配置选项简化这一过程。此外,文章还展望了配置管理领域未来的技术趋势和发展方向。对于任何希望深入了解Spring Boot配置管理的开发者来说,这是一篇不容错过的好文。
C++ - 函数重载
jiaowenjie的专栏
08-06 209
/打印的是第二个函数的地址。//打印的是第一个函数的地址。-> 重载函数在本质上是相互独立的不同函数。-> 函数返回值不能作为函数重载的依据。-> 重载函数的函数类型不同。**3.函数默认参数和函数重载****函数重载的注意事项:****4.函数重载的本质**
伐木工 (100%用例)D卷 (Java&&Python&&C++&&Node.js&&C语言)
荆赫同艺的博客
08-07 99
一根 4米长的树木,伐木工不需要切割为 2*2,省去切割成本,直接整根树木交易,为 4*1,收益最大为 4。方式二: 3,2,2,3,但方式二,伐木工多切割一次,增加了切割成本却卖了一样的价格,因此并不是最优收益。一根 2 米长的树木,伐木工不切割,为2*1,收益最大为 2。一根5 米长的树木,伐木工切割为 2*3,收益最大为 6。输出最优收益时的各个树木长度,以空格分隔,按升序排列。一根 10 米长的树木,伐木工可以切割。方式一:3,4,4,也可以切割为。
枚举工具类
qq_43049583的博客
08-04 450
java枚举工具类
SpringBoot+Vue图书(图书借阅)管理系统-附项目源码与配套文档
m0_74283290的博客
08-03 1284
本论文阐述了一套先进的图书管理系统的设计与实现,该系统采用Java语言,结合现代Web开发框架和技术,旨在为图书馆提供高效、灵活且用户友好的资源管理解决方案。系统利用Spring Boot框架为核心,整合MyBatis ORM工具,以及MySQL数据库,构建了一个高性能、可扩展的后端服务。前端界面则采用了Vue.js框架,以提供流畅的用户交互体验。论文首先进行了详尽的需求分析,确定了系统的核心功能,包括图书的添加、编辑、删除、查询,读者的注册、登录、个人信息管理,以及图书的借阅、归还、续借流程。
等待唤醒机制两种实现方法-阻塞队列
泰勒今天想展开的博客
08-04 523
桌子上有面条-》吃货执行桌子上没面条-》生产者制造执行。
string类的模拟实现(C++)
2302_80190394的博客
08-02 1154
C++ string的功能函数实现
Spring事务
最新发布
c1tenj2的博客
08-07 309
以银行转账为例,一次转账操作伴随着一个账户的扣钱和另一个账户的加钱,这个流程是一个原子操作,要么同时发生,一气呵成,要么都不做。AccountServiceImpl实现AccountService接口,里面只有一个转账方法AccountMapper以及其映射文件account数据库测试代码用1/0模拟程序运行时出现异常的情况由于没有开启事务,出现了莫名其妙少了100块钱的情况,说明这个事务不是连续的。
Spring-包扫描
Promise_J_Z
08-03 278
二次判断类是否可独立实例化对象,内部类或者接口,抽象类都会对应生成一个.class文件,但是这些文件部分是不能够实例化的,不可以生成bean,所以在生成BeanDefinition之前需要进行过滤判断。对扫描到的BeanDefinition进行赋值,但是此时只是将className赋值到BeanDefinition中,因为还没有创建该类。spring在启动的时候就会往includeFilters中加入component注解。判断当前类是否需要当作bean进行处理。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值