Spring安全警告：类AuthorityUtils是抽象的？ [英] Spring Security Warning: Class AuthorityUtils is abstract?

问题描述

由于移动到Spring Security 3.2.5.RELEASE和Spring 4.1.1.RELEASE，我们在Eclipse（Luna）中得到了一个Spring Bean验证警告。

确切的警告是：

类org.springframework.security.core.authority.AuthorityUtils是抽象 p>

这是此Spring文件的标题：

 <？xml version =1.0encoding =UTF-8？> 
< beans xmlns =http://www.springframework.org/schema/beansxmlns：xsi =http://www.w3.org/2001/XMLSchema-instance
 xmlns ：tx =http://www.springframework.org/schema/txxmlns：springsecurity =http://www.springframework.org/schema/security
 xmlns：jaxrs =http：// cxf.apache.org/jaxrsxmlns：cxf =http://cxf.apache.org/core
 xmlns：jee =http://www.springframework.org/schema/jee
 xsi：schemaLocation =http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.1.xsd 
 http：// cxf .apache.org / core http://cxf.apache.org/schemas/core.xsd 
 http://www.springframework.org/schema/security http://www.springframework.org/schema/ security / spring-security-3.2.xsd 
 http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd 
 http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd 
 http://www.springframework.org/schema/tx http：// www。 springframework.org/schema/tx/spring-tx-4.1.xsd\"> 
  

配置的令人讨厌的部分如下（意思是如果我删除这部分，错误消失。具体来说，如果我删除 springsecurity：authentication-provider 节：

  < springsecurity：authentication-manager alias =authenticationManager> 
< springsecurity：authentication-provider> 
< springsecurity：user-service> 
< springsecurity：user name = johnpassword =john
 authorities =ROLE_USER/> 
< springsecurity：user name =adminpassword =admin
 authorities =ROLE_USER，ROLE_ADMIN/ > 
< springsecurity：user name =guestpassword =guest
 authorities =ROLE_GUEST/> 
< / springsecurity：user-service> 
 < / springsecurity：authentication-provider> 
< / springsecurity：authentication-manager> 
  

任何想法的根本原因？我们的项目不忍受虚假警告，我不想禁用Spring bean验证。

解决方案

这是一个在Spring工具套件3.6.0版本中的错误，Luke Taylor指出。错误报告位于 https://issuetracker.springsource.com/browse/STS-3875，并且在STS版本3.6.3之前不会被修复。您可以在 http： //www.docjar.com/html/api/org/springframework/orm/jpa/SharedEntityManagerCreator.java.html

注意到这个bug现在是固定的。修复程序版本为3.6.4

Since moving to Spring Security 3.2.5.RELEASE and Spring 4.1.1.RELEASE we are getting a Spring Bean Validation warning in Eclipse (Luna).

The exact warning is:

Class 'org.springframework.security.core.authority.AuthorityUtils' is abstract

Here is the header to this Spring file:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:springsecurity="http://www.springframework.org/schema/security"
    xmlns:jaxrs="http://cxf.apache.org/jaxrs" xmlns:cxf="http://cxf.apache.org/core"
    xmlns:jee="http://www.springframework.org/schema/jee"
    xsi:schemaLocation="http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.1.xsd
        http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
        http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.1.xsd">

The offending portion of configuration is as follows (meaning that if I remove this section the error goes away. Specifically, if I remove the springsecurity:authentication-provider stanza:

<springsecurity:authentication-manager alias="authenticationManager">
    <springsecurity:authentication-provider>
        <springsecurity:user-service>
            <springsecurity:user name="john" password="john"
                authorities="ROLE_USER" />
            <springsecurity:user name="admin" password="admin"
                authorities="ROLE_USER, ROLE_ADMIN" />
            <springsecurity:user name="guest" password="guest"
                authorities="ROLE_GUEST" />
        </springsecurity:user-service>
    </springsecurity:authentication-provider>
</springsecurity:authentication-manager>

Any ideas on the root cause of this? Our project doesn't put up with spurious warnings and I don't want to disabled Spring bean validation.

解决方案

This is a bug in version 3.6.0 of the Spring Tool Suite, as Luke Taylor pointed out. The bug report is at https://issuetracker.springsource.com/browse/STS-3875, and won't be fixed before STS version 3.6.3. You can examine the code for this class at http://www.docjar.com/html/api/org/springframework/orm/jpa/SharedEntityManagerCreator.java.html

[Edit] The bug report notes that this bug is now fixed. The fix is in version 3.6.4

这篇关于Spring安全警告：类AuthorityUtils是抽象的？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！