配置没有插件web.xml问题的Spring Security [英] Configuring Spring Security without the plugin web.xml problems

问题描述

我目前正在构建一个Grails 1.3.5应用程序。它使用现有的模型层（共享代码 - 无GORM），并且我已经在conf / spring / resources.xml中为它成功配置了tomcat jndi连接，并且一切正常。然而，当我尝试配置Spring安全性时，我遇到了问题。我不使用spring安全插件，因为我想使用我们已经运行的另一个项目的xml安全配置。这使用Spring 3安全性。我在各种博客上按照以下步骤操作：

• Ran'grails install-templates'

ul>



我在templates / war / web.xml中添加了以下内容：



 <滤光器> 
< filter-name> Spring安全筛选器链代理< / filter-name> 
< filter-class> org.springframework.web.filter.DelegatingFilterProxy< / filter-class> 
< init-param> 
< param-name> targetBeanName< / param-name> 
< param-value> filterChainProxy< / param-value> 
< / init-param> 
< / filter> 
 
< filter-mapping> 
< filter-name> Spring安全筛选器链代理< / filter-name> 
< url-pattern> / *< / url-pattern> 
< / filter-mapping> 
 
< listener> 
< listener-class> org.springframework.security.web.session.HttpSessionEventPublisher< / listener-class> 
< / listener> 
  







• 我将我的安全bean添加到
  conf / spring目录并且有
  验证了它们。


• 我已经将spring安全jar
  文件复制到grails lib
  目录中。 Version 3.0.2
  




运行'grails run-app'时，web.xml中出现了一个非常奇怪的异常： p>



  2010-11-26 12：16：02,512信息[startup.ContextConfig]无默认web.xml 
 2010-11 -26 12：16：02,518错误[digester.Digester]结束事件抛出异常
 java.lang.reflect.InvocationTargetException $ b $ sun.reflect.NativeMethodAccessorImpl.invoke0（Native Method）
在sun （NativeMethodAccessorImpl.java:39）
 at sun.reflect.DelegatingMethodAccessorImpl.invoke（DelegatingMethodAccessorImpl.java:25）
 at java.lang.reflect.Method.invoke（Method.java ：585）
在org.apache.tomcat.util.IntrospectionUtils.callMethod1（IntrospectionUtils.java:925）
 ... 
引起：java.lang.IllegalArgumentException：过滤器映射指定一个未知的过滤器名称hiddenHttpMethod 
在org.apache.catalina.core.StandardContext.addFilterMap（StandardContext.java:2251）
a在Sun.reflect.NativeMethodAccessorImpl.invoke（NativeMethodAccessorImpl.java:39）
（在sun.reflect.DelegatingMethodAccessorImpl.invoke（DelegatingMethodAccessorImpl.java:25））
（Native Method） 
 at java.lang.reflect.Method.invoke（Method.java:585）
 at org.apache.tomcat.util.IntrospectionUtils.callMethod1（IntrospectionUtils.java:925）
 at org .apache.tomcat.util.digester.SetNextRule.end（SetNextRule.java:193）
 at org.apache.tomcat.util.digester.Rule.end（Rule.java:229）
 at org .apache.tomcat.util.digester.Digester.endElement（Digester.java:1140）
 ... 437 more 
  

我也复制了其他博客的过滤器代码，提示：



 < filter> 
< filter-name> springSecurityFilterChain< / filter-name> 
< filter-class> org.springframework.web.filter.DelegatingFilterProxy< / filter-class> 
< / filter> 
 
< filter-mapping> 
< filter-name> springSecurityFilterChain< / filter-name> 
< url-pattern> / *< / url-pattern> 
< / filter-mapping> 
  

但是我仍然遇到同样的问题。





有没有人有关于我应该尝试下一步的建议？令人讨厌的是，我已经将这一切工作在安全模块版本2的旧版Grails（1.1.1）上，但现在我遇到了问题。

解决方案

我在一段时间后得到了这个工作，但它在1.3中花费了与1.2中工作不同的设置。我发现只能通过将它们添加到web.xml中的contextConfigLocation context-param来访问外部XML文件：

 <上下文-param> 
< param-name> contextConfigLocation< / param-name> 
< param-value> 
 /WEB-INF/applicationContext.xml 
 /WEB-INF/applicationContext-security.xml 
< /参数值> 
< / context-param> 
  

除此之外，配置与非Grails应用程序相同。您可能还需要配置jar。

另外，不要将jar复制到lib目录中，而应该在BuildConfig.groovy中使用IVy配置，以便只有一份你机器上的每个罐子。这是应该工作的一个：

  grails.project.class.dir ='target / classes'
 grails.project .test.class.dir ='target / test-classes'
 grails.project.test.reports.dir ='target / test-reports'
 
 grails.project.dependency.resolution = {
 
继承'全球'
日志'警告'
 $ b $存储库{
 grailsPlugins（）
 grailsHome（）
 grailsCentral（）
 ebr（）// SpringSource http://www.springsource.com/repository 
} 
 
依赖关系{
 runtime（'org.springframework。安全性：org.springframework.security.core：3.0.3.RELEASE'）{
不包括'com.springsource.org.aopalliance'，
'com.springsource.org.apache.commons.logging' ，
'org.springframework.beans'，
'org.springframework.context'，
'org.springframework.core'
} 
 
 （'org.springframework.security:org.springframework.security.config:3.0.3.RELEASE'）
 
 runtime（'org.springframework.security:org.springframework.security.web:3.0 .3.RELEASE'）{
不包括'com.springsource.javax.servlet'，
'com.springsource.org.aopalliance'，
'com.springsource.org.apache.commons .logging'，
'org.springframework.aop'，
'org.springframework.beans'，
'org.springframework.context'，
'org.springframework.core '，
'org.springframework.web'
} 
} 
} 
  

I'm currently building a Grails 1.3.5 app. It uses an existing model layer (shared code - no GORM) and I've successfully configured the tomcat jndi connections for it in conf/spring/resources.xml and all is working well. However I'm having problems when I try and configure Spring security. I'm NOT using the spring security plugin because I want to use the xml security config from another project we already have running. This uses Spring 3 security. I've followed the following steps on various blogs:

• Ran 'grails install-templates'

I added the following to the templates/war/web.xml:

<filter>
    <filter-name>Spring Security Filter Chain Proxy</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>targetBeanName</param-name>
        <param-value>filterChainProxy</param-value>
    </init-param>
</filter>

<filter-mapping>
    <filter-name>Spring Security Filter Chain Proxy</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
    <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>

• I added my security beans to the conf/spring directory and have validated them.
• I've copied the spring security jar files over to the grails lib directory. Version 3.0.2

When I run 'grails run-app' I get a very strange exception with the web.xml:

2010-11-26 12:16:02,512 INFO  [startup.ContextConfig] No default web.xml
2010-11-26 12:16:02,518 ERROR [digester.Digester] End event threw exception
java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.tomcat.util.IntrospectionUtils.callMethod1(IntrospectionUtils.java:925)
...
Caused by: java.lang.IllegalArgumentException: Filter mapping specifies an unknown filter name hiddenHttpMethod
    at org.apache.catalina.core.StandardContext.addFilterMap(StandardContext.java:2251)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.tomcat.util.IntrospectionUtils.callMethod1(IntrospectionUtils.java:925)
    at org.apache.tomcat.util.digester.SetNextRule.end(SetNextRule.java:193)
    at org.apache.tomcat.util.digester.Rule.end(Rule.java:229)
    at org.apache.tomcat.util.digester.Digester.endElement(Digester.java:1140)
    ... 437 more

I've also copied the filter code from other blogs that suggest:

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

But I still get the same problem.

Does anyone have any advice about what I should try next? The annoying thing is that I had this all working on an older version of Grails (1.1.1) with version 2 of the security modules but now I'm getting problems.

解决方案

I got this working a while back but it took a different setup in 1.3 than what worked in 1.2. I found I could only access external XML files by adding them to the contextConfigLocation context-param in web.xml:

<context-param>
   <param-name>contextConfigLocation</param-name>
   <param-value>
      /WEB-INF/applicationContext.xml
      /WEB-INF/applicationContext-security.xml
   </param-value>
</context-param>

Other than that the configuration was the same as for a non-Grails app. You probably also need the config jar.

Also, rather than copying jars to your lib directory you should use the IVy config in BuildConfig.groovy so you only have one copy of each jar on your machine. Here's one that should work:

grails.project.class.dir = 'target/classes'
grails.project.test.class.dir = 'target/test-classes'
grails.project.test.reports.dir = 'target/test-reports'

grails.project.dependency.resolution = {

   inherits 'global'
   log 'warn'

   repositories {
      grailsPlugins()
      grailsHome()
      grailsCentral()
      ebr() // SpringSource  http://www.springsource.com/repository
   }

   dependencies {
      runtime('org.springframework.security:org.springframework.security.core:3.0.3.RELEASE') {
         excludes 'com.springsource.org.aopalliance',
                  'com.springsource.org.apache.commons.logging',
                  'org.springframework.beans',
                  'org.springframework.context',
                  'org.springframework.core'
      }

      runtime('org.springframework.security:org.springframework.security.config:3.0.3.RELEASE')

      runtime('org.springframework.security:org.springframework.security.web:3.0.3.RELEASE') {
         excludes 'com.springsource.javax.servlet',
                  'com.springsource.org.aopalliance',
                  'com.springsource.org.apache.commons.logging',
                  'org.springframework.aop',
                  'org.springframework.beans',
                  'org.springframework.context',
                  'org.springframework.core',
                  'org.springframework.web'
      }
   }
}

这篇关于配置没有插件web.xml问题的Spring Security的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！