jb.*_*jb. 17 java security integration gwt spring-security
我正在尝试集成Spring Security和GWT.我也在使用gwt-incubator-security.我按照wiki页面上的描述配置了所有内容.我设法通过使用intercept-url来获得安全性,但我无法使用注释使其工作.关于问题是什么的任何想法?
PS我使用的是Spring 2.5.6,Spring Security 2.0.5和gwt-incubator-security 1.0.1.欢迎任何有用的链接和评论.
这是我的配置文件
applicationContext.xml中
<?xml version="1.0" encoding="UTF-8"?>
<global-method-security secured-annotations="enabled"
jsr250-annotations="disabled" />
<http auto-config="true">
<!-- <intercept-url pattern="/**/*.rpc" access="ROLE_USER" /> -->
<intercept-url pattern="/gwt/**" access="ROLE_USER" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
</http>
<authentication-provider>
<user-service>
<user name="rod" password="koala"
authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
<user name="dianne" password="emu" authorities="ROLE_USER,ROLE_TELLER" />
<user name="scott" password="wombat" authorities="ROLE_USER" />
<user name="peter" password="opal" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
<beans:bean id="greetService" class="com.ct.test.server.GreetingServiceImpl" />
web.xml中
<?xml version="1.0" encoding="UTF-8"?>
<web-app>
<!-- Default page to serve -->
<welcome-file-list>
<welcome-file>Spring_test.html</welcome-file>
</welcome-file-list>
<!-- Spring related configuration -->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<!-- Initialise the Spring MVC DispatcherServlet -->
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Map the DispatcherServlet to only intercept RPC requests -->
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/spring_test/greet.rpc</url-pattern>
<!--
<url-pattern>/org.example.gwtwisdom.GwtWisdom/services/*</url-pattern>
-->
</servlet-mapping>
<servlet>
<servlet-name>greetServlet</servlet-name>
<servlet-class>com.ct.test.server.GreetingServiceImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>greetServlet</servlet-name>
<url-pattern>/spring_test/greet.rpc</url-pattern>
</servlet-mapping>
<!-- Spring security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
为spring-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- The application context definition for the DispatcherServlet -->
<bean id="urlMapping" class="com.gwtincubator.security.server.GWTSecuredHandler">
<property name="mappings">
<map>
<entry key="/spring_test/greet.rpc" value-ref="greetService" />
</map>
</property>
</bean>
这是我尝试与Spring Security集成的示例项目:http://www.filedropper.com/springtest_1
您的 applicationContext.xml 中似乎缺少命名空间配置。
它应该看起来像这样:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">