Spring Security 3.2.0.RC1 - < http>元素和不推荐使用的方法 [英] Spring Security 3.2.0.RC1 - <http>element and deprecated method
问题描述
升级到Spring Security 3.2.0.RC1后,我收到警告方法setFilterProcessesUrl被标记为不推荐使用< http auto-config =true>
在我的xml配置。即使是非常简单的配置,我也得到这个警告:
After upgrading to Spring Security 3.2.0.RC1 I'm getting the warning "Method 'setFilterProcessesUrl' is marked deprecated" for <http auto-config="true">
in my xml config. I get this warning even for a very simple configuration:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<http auto-config="true">
<intercept-url pattern="/myurl*" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user1" password="12345" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
根据Spring Security 3.2 API文档 setFilterProcessesUrl 已被弃用,而应该使用 setRequiresAuthenticationRequestMatcher(RequestMatcher)。我如何更改这个基本的XML配置,所以它不使用不赞成使用的方法?我正在使用Eclipse Kepler与Spring Tool Suite插件。
According to Spring Security 3.2 API documentation setFilterProcessesUrl is deprecated and setRequiresAuthenticationRequestMatcher(RequestMatcher) should be used instead. How can I change this basic XML configuration, so it doesn't use deprecated methods? I'm using Eclipse Kepler with Spring Tool Suite plugin.
更新:
如果我删除< http auto-config =true>
并添加< form-login />
到http元素
If I remove <http auto-config="true">
and add <form-login />
to the http element
<http>
<intercept-url pattern="/myurl*" access="ROLE_USER" />
<form-login />
</http>
我还得到方法setFilterProcessesUrl被标记为已弃用警告,如果我添加< logout />
我第二次得到相同的警告。
另一方面,如果我替换< form-login />
和< logout />
与< http-basic />
警告消失。
I also get the "Method 'setFilterProcessesUrl' is marked deprecated" warning and if I add <logout />
I get the same warning the second time.
On the other hand, if I replace <form-login />
and <logout />
with <http-basic />
the warnings go away.
推荐答案
在Spring Security 3.2.1修复。警告是由使用不推荐使用的方法的XML命名空间引起的。
https://jira.springsource.org/browse/SEC-2455
这篇关于Spring Security 3.2.0.RC1 - < http>元素和不推荐使用的方法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!