我尝试使用spring和spring-security运行项目时遇到以下错误(它在我添加spring安全性之前运行):
java.lang.IllegalStateException: ApplicationEventMulticaster not initialized - call 'refresh' before multicasting events via the context: Root WebApplicationContext: startup date [Wed Nov 30 10:49:27 CST 2011]; root of context hierarchy
at org.springframework.context.support.AbstractApplicationContext.getApplicationEventMulticaster(AbstractApplicationContext.java:337)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:324)
at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:1025)
at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:988)
at org.springframework.web.context.ContextLoader.closeWebApplicationContext(ContextLoader.java:538)
at org.springframework.web.context.ContextLoaderListener.contextDestroyed(ContextLoaderListener.java:142)
at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:4174)
at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4778)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4675)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at org.apache.catalina.core.StandardService.start(StandardService.java:519)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
有谁知道为什么?我没有在横断面上找到任何东西..这是我的web.xml:
<?xml version="1.0" encoding="UTF-8"?> …我有以下代码(尝试以编程方式记录用户):
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new GrantedAuthorityImpl("ROLE_ADMIN"));
...
User tempUser = new User(correctUsername,
correctPassword,
true, true, true, true, // logging them in...
authorities // type is List<GrantedAuthority>
);
...
Authentication authentication
= new UsernamePasswordAuthenticationToken(tempUser, authorities);
// I'm using authorities again (List<GrantedAuthority>)
// is this the right spot for it?
...
// this is the line causing the error
authentication.setAuthenticated(true);
当我尝试运行时,我得到以下内容:
java.lang.IllegalArgumentException: Cannot set this token to trusted - use constructor which takes a GrantedAuthority list instead
请注意,我正在使用和对象authorities中的 …
我正在尝试这样做:让spring security在登录页面的查询字符串中添加返回url,即:获取spring告诉登录页面我来自哪里.我有一些SSO集成..所以我会发送url给他们,或者他们会为我添加引用,所以我知道用户应该登录并发送给/some/url.这都是花花公子.我遇到的问题是扩展LoginUrlAuthenticationEntryPoint(除非你能告诉我一个很好的理由来实现AuthenticationEntryPoint).我只需要修改登录页面的请求,如下所示:
RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
// only append returnto to '/login' urls
if(request.getServletPath() == "/login") {
// indicates we want to return to this page after login
redirectStrategy.sendRedirect(request, response, "/login?returnto=" + request.getServletPath());
}
我怎样才能让剩下的请求做他们的事情?这是不正确的(我刚刚做的):
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
// just forward the request
dispatcher.forward(request, response);
因为它把我们放在一个重定向循环中.然而,它似乎是春天的版本commence.我糊涂了.我应该commence在自定义扩展程序中做LoginUrlAuthenticationEntryPoint什么?
我有一些用弹簧固定的URL(通过xml配置).有用.但是,当我尝试使用ajax请求命中该端点时,我得到302(找到)响应.这会将我的ajax调用重定向到登录页面(所以我获取了html).但是我希望得到一个401(未经授权的)响应,其中登录页面的URL可用于客户端应用程序,因此我可以使用javascript将用户重定向到那里. 这个问题似乎与我想要的最接近,但是没有例子,它建议再次更换控制器.spring-security中是否没有配置会给我401和url(或其他一些明智的错误消息和登录页面的URL)?