最近在给系统所有URL添加权限,后面发现系统中角色是以ROLE.开头的,但是在SpringSecurity中自定义权限前缀权限的前缀默认是ROLE_


先前查了相关资料只要修改配置,将rolePrefix的value 改成ROLE.修改配置后发现没有效果

<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter">  

    <property name="rolePrefix" value="ROLE."></property>  

</bean> 


后面发现需要这样配置:

<security:http auto-config="true" access-decision-manager-ref="accessDecisionManager">
        
        <security:http-basic />
        <!-- Remove comments to activate the filter -->
        <security:custom-filter ref="fwkSessionTimeOutFilter" position="FIRST" />
        <security:custom-filter ref="ajaxTimeoutRedirectFilter" after="EXCEPTION_TRANSLATION_FILTER"/>
        <security:intercept-url pattern="/css/**" filters="none" />
        <security:intercept-url pattern="/p_w_picpaths/**" filters="none" />
        <security:intercept-url pattern="/js/**" filters="none" />
        <security:intercept-url pattern="/index.jsp*" filters="none" />
        <security:intercept-url pattern="/logout*" filters="none" />
        <security:intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />

</security:http>

   <!--重新定义决策器-->

    <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
        <property name="decisionVoters">
            <list>
                <bean class="org.springframework.security.access.vote.RoleVoter">
                    <property name="rolePrefix" value="ROLE." />
                </bean>
                <bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
            </list>
        </property>
    </bean>