我正在尝试创建自定义AccessDecisionVoter,并在调用它时调试它.
我已经在每种方法中都提出了一个问题,但没有发生任何事情.
弹簧security.xml文件:
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<property name="decisionVoters">
<list>
<bean class="com.affiliates.server.security.voters.VoterTest">
<property name="brandsApi" ref="brandsApi"/>
</bean>
</list>
</property>
IBrandsApi.java
public interface IBrandsApi {
IHibernateBean getByPK(Integer id);
@Secured({ "ROLE_BRAND_ADMIN" })
IHibernateBean update(IHibernateBean brand);
@Secured({ "ROLE_BRAND_ADMIN" })
IHibernateBean insert(IHibernateBean brand);
@Secured({ "ROLE_BRAND_ADMIN" })
ResultContainer getAll(IFilter filter);
@Secured({ "ROLE_ADMIN" })
Integer delete(IFilter filter);
}
VoterTest.java(带有断点的空文件)
public class VoterTest implements AccessDecisionVoter {
private IBrandsApi brandsApi;
public IBrandsApi getBrandsApi() {
return brandsApi;
}
public void setBrandsApi(IBrandsApi brandsApi) {
this.brandsApi = brandsApi;
}
@Override
public boolean supports(ConfigAttribute …我试图在java中设置一个计划任务,一天运行一次.
问题是它只在第一天运行.
有什么想法吗?
谢谢
log.info("Schdualing midnight task");
Timer timer = new Timer();
Calendar date = Calendar.getInstance();
date.set(Calendar.HOUR_OF_DAY, 23);
date.set(Calendar.MINUTE, 30);
date.set(Calendar.SECOND, 0);
timer.schedule(new EndOfDayRatesTimerTask(new MidnightQuotesEvent()),
date.getTime());
我有以下UserDetailsService实现.
到目前为止,身份验证过程非常有效.
如何在"会话"中存储我的"MyUser bean"(已成功登录),以便我可以在我的应用程序的其他区域中访问它
谢谢.
@Transactional(readOnly = true)
public class CustomUserDetailsService implements UserDetailsService {
private EmployeesApi employeesApi = new EmployeesApi();
/**
* Retrieves a user record containing the user's credentials and access.
*/
public UserDetails loadUserByUsername(String userName)
throws UsernameNotFoundException, DataAccessException {
// Declare a null Spring User
UserDetails user = null;
try {
MyUser employee = employeesApi.getByUserName(userName);
user = new User(
employee.getUserName(),
employee.getPassword().toLowerCase(),
true,
true,
true,
true,
getAuthorities(1) );
} catch (Exception e) {
logger.error("Error in retrieving user"); …我构建了一个Async任务服务执行器,它通过外部请求执行任务.
每个任务都包含函数void,run(),因此任何想要向系统添加任务的程序员都需要继承From BaseTask.
interface ITask{
void run();
}
abstract BaseTask : ITask{
//force "run()" to set Result
public ResultContainer Result {set; get;}
void run();
}
class SomeTask : BaseTask {
void run(){
////run the operation here, in the end, set the result.
//force the programmer to set the Result;
this.Result = new ResultContainer("task ok");
}
}
由于内部原因,run()必须无效.
有没有什么办法,我可以强迫谁想要添加一个任务来调用一个程序员Result中BaseTask,并将其值?
你认为这是一种不好的做法吗?
谢谢
我在将数据转换为json时遇到问题.
Session session = sessionFactory.openSession();
Affiliate affiliate = (affiliate) session.get( Affiliate , pk );
session.close();
JSONArray.fromObject(affiliate);
调试器显示该行已被提取.
但我尝试转换为json字符串时得到此异常:
Exception in thread "main" net.sf.json.JSONException: org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: com.affiliates.hibernate.Affiliate.employees, no session or session was closed
at net.sf.json.JSONObject._fromBean(JSONObject.java:959) ...
这是我的会员实体
@Entity(name="AFFILIATE")
@Inheritance(strategy=InheritanceType.SINGLE_TABLE)
public class Affiliate extends HibernateBean{
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name="AFFILIATE_ID")
private long id;
@ManyToOne(targetEntity = Affiliate.class)
@JoinColumn(name="PARENT_ID")
private Affiliate parent;
@ManyToMany(cascade=CascadeType.ALL,fetch=FetchType.LAZY)
@JoinTable(name="EMPLOYEES_AFFILIATES" , joinColumns = {@JoinColumn(name="AFFILIATE_ID")},inverseJoinColumns={@JoinColumn(name="EMPLOYEE_ID")})
private Set<Employee> employees = new HashSet<Employee>(0);
getters and setters...
}
谢谢
我正在使用Spring Security + MVC.
注释@Secured({ "ROLE_ADMIN" })仅在控制器层中正常工作.
如果我尝试在更深层/其他层中使用它,我就不会遇到安全性错误.
或者,如果我尝试在"无mvc映射"方法上使用它,我没有得到任何安全错误.
关注我的xml配置文件:
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-security.xml
/WEB-INF/applicationContext.xml
</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j-myapp.properties</param-value>
</context-param>
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/Management/*</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
</web-app>
为spring-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<!-- Declare a view resolver -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver"
p:prefix="/WEB-INF/pages/" p:suffix=".jsp" /> …我的spring-security.xml有两个问题
当我有多个角色时,access="ROLE_ADMIN,ROLE_EMPLOYEE"
我得到了例外:
Caused by: java.lang.IllegalArgumentException: Failed to parse expression 'ROLE_ADMIN,ROLE_EMPLOYEE'
但如果我有一个角色:access="ROLE_ADMIN"它会正常工作
如果我直接登陆/Management/main/admin我不会被规则重定向:security:form-login login-page="/Management/auth/login/",这意味着我可以在没有角色管理员的情况下进入应用程序.
这是我的spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:lang="http://www.springframework.org/schema/lang"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<sec:global-method-security secured-annotations="enabled" jsr250-annotations="enabled" />
<sec:http auto-config="true" use-expressions="true"
access-denied-page="/Management/auth/denied">
<sec:intercept-url pattern="/Management/auth/login" filters="none" access="permitAll"/>
<sec:intercept-url pattern="/Management/main/admin" filters="none" access="ROLE_ADMIN,ROLE_EMPLOYEE" />
<sec:intercept-url pattern="/Management/api/affiliates/**" filters="none" access="ROLE_ADMIN,ROLE_EMPLOYEE" />
<sec:form-login login-page="/Management/auth/login/"
authentication-success-handler-ref="loginAuthenticationSuccessHandler"
authentication-failure-url="/Management/auth/login?error=true"
login-processing-url="/Management/auth/j_spring_security_check"
default-target-url="/Management/auth/login?error=false" />
<sec:logout invalidate-session="true"
logout-success-url="/Management/auth/login/" logout-url="/Management/auth/logout" />
</sec:http>
<sec:authentication-manager>
<sec:authentication-provider
user-service-ref="customUserDetailsService">
<sec:password-encoder ref="passwordEncoder" …虽然很有趣,但大多数优秀的MySQL编辑器都是基于Windows的.我正在为Ubuntu寻找一个工具(400美元以上),它可以:
我有一个网格,我需要/必须(无论如何)向它发送多级json.
例:
{ "root" : [ {
"affiliateId" : 8,
"name" : "Affiliate Name",
"email" : "affiliate@gmail.co.il",
"manager" : {
"name" : "I am the manager",
"email" : "manager@gmail.co.il"
},
} ],
"totalCount" : 1
}
现在,当我构建网格字段时,我想使用更深层的项目,例如:
{
name:'manager_email',
header: "Manager",
dataIndex: 'manager.email',/******access a deep level******/
width: 100,
sortable: true,
type:'text'
}
我没有错误,只是网格中的空单元格.
谢谢
我有一个拥有很多汽车的用户实体。
我无法使用“ IN”语句按汽车列表获取用户。
List<Car> cars = getCarsList();
String hql = "From User WHERE user.cars in(:cars)";
Query query = session.createQuery(hql)
query.setParameterList("cars",cars);
//query.setParameterList("cars",cars.toArray());//not working also
//query.setParameter("cars","1,4,8,30");//not working also
query.setMaxResults(1);
这样,该参数将忽略汽车。
我也尝试发送vars.toArray();
而且我还尝试发送String 1,4,8,300(如果是汽车,则为ID)。
我有多个品牌的应用程序。
单个用户可以拥有多个品牌,几乎应用程序中的每个查询都通过其品牌来限制用户。
用户有 ManyToMany 和 Brand(s) 。
例如,我想List<Employee>从数据库中提取。
s.createQuery("FROM User user INNER JOIN user.brands brands WHERE brands IN(1,2)");//(1,2) = :brands
在这种情况下,我将不止一次获得同一个用户,因为该用户拥有多个与他相关的品牌。
如何在不需要不同的情况下查询品牌而不会影响我的结果?
这是用户实体:
public class User {
@Id
@Column(name="USER_ID")
@GeneratedValue(strategy=GenerationType.IDENTITY)
private Integer userId;
@ManyToMany(fetch=FetchType.EAGER)
@JoinTable(name="USERS_BRANDS" , joinColumns = {@JoinColumn(name="USER_ID")},inverseJoinColumns={@JoinColumn(name="BRAND_ID")})
private Collection<Brand> brands;
...other members
...getters and setters
}
谢谢
有没有人设法在drupal 7上安装CCK?我收到很多错误.
我想要的原因是因为CCK不为每个字段创建2个表,它每个内容类型只创建一个表,这样更有效.
谢谢