apf*_*fel 2 java spring sitemesh decorator spring-security
有没有理由principal.displayName在装饰器中调用安全认证属性会导致问题?
我将它设置为sitemesh装饰器中的变量:
<c:set var="displayName">
<sec:authentication property="principal.displayName" />
</c:set>
Run Code Online (Sandbox Code Playgroud)
但是它会产生这个异常:
java.lang.RuntimeException: javax.servlet.ServletException: javax.servlet.jsp.JspException: Invalid property 'principal.displayName' o
f bean class [org.springframework.security.authentication.AnonymousAuthenticationToken]: Bean property 'principal.displayName' is not
readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?
at com.opensymphony.sitemesh.webapp.decorator.BaseWebAppDecorator.render(BaseWebAppDecorator.java:39)
at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:84)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:327)
at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:126)
at org.tuckey.web.filters.urlrewrite.NormalRewrittenUrl.doRewrite(NormalRewrittenUrl.java:195)
at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:159)
at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:141)
at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:90)
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:417)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
Run Code Online (Sandbox Code Playgroud)
Ste*_*n C 11
此时您的请求Authentication对象是AnonymousAuthenticationToken该类的实例,并且该类没有调用的属性displayName.
显然,SpringSecurity认为用户未被记录.你可能需要
更改访问规则,以便只能在用户登录时查看该JSP,或者
将JSP更改为类似以下内容(假设您使用的是Spring 3.0.x并且已启用Web安全表达式).
<c:set var="displayName">
<sec:authorize access="isAuthenticated()">
<sec:authentication property="principal.displayName" />
</sec:authorize>
</c:set>
Run Code Online (Sandbox Code Playgroud)
参考文献:
| 归档时间: |
|
| 查看次数: |
7753 次 |
| 最近记录: |