【发布时间】:2012-01-13 10:25:49
【问题描述】:
我们在 dev 中的 WAS 和我们本地的 WAS 不同
我们的应用程序使用 Spring-Security 和 Spring 版本 3.1.0-release。
它从一个 JSP 文件开始,我们试图显示连接的用户名:
在 DEV 中的 WAS 上,我们有一个 NotReadablePropertyException : "Bean 属性 'principal' 不可读或有无效的 getter 方法:getter 的返回类型是否与 setter 的参数类型匹配?"
这是因为 AuthenticationTag 使用的是 BeanWrapper (BeanWrapperImpl)
在文件 BeanWrapperImpl 的第 729 行(Spring 3.1.0-RELEASE)抛出错误,
727:PropertyDescriptor pd = getCachedIntrospectionResults().getPropertyDescriptor(actualName);
728:if (pd == null || pd.getReadMethod() == null) {
729: throw new NotReadablePropertyException(getRootClass(), this.nestedPath + propertyName);
730:}
所以 pd 为 null 或 pd.getReadMethod() 为 null。 在正常情况下 getReadMethod 返回: 对象方法[public java.lang.Object org.springframework.security.authentication.UsernamePasswordAuthenticationToken.getPrincipal()]
更新 调试并在类中添加一些日志后,“pd”似乎为空
我用纯java写了这段代码来识别错误
logger.info(session.getAttribute("SPRING_SECURITY_CONTEXT").getClass().toString());
final SecurityContextImpl sci = ((SecurityContextImpl) session.getAttribute("SPRING_SECURITY_CONTEXT"));
logger.info(sci.getAuthentication().getClass().toString());
final Authentication auth = sci.getAuthentication();
logger.info(auth.getPrincipal().getClass().toString());
final User u = (User) auth.getPrincipal();
logger.info(u.getUsername());
logger.info(SecurityContextHolder.getContext().getAuthentication().getName());
logger.info("use beanWrapper :");
final BeanWrapperImpl wrapper = new BeanWrapperImpl(auth);
String property = "principal";
Object result = wrapper.getPropertyValue(property);
logger.info("property : " + property + " value :[" + result.toString() + "]");
property = "principal.username";
result = wrapper.getPropertyValue(property);
logger.info("property : " + property + " value :[" + result.toString() + "]");
在 dev 中登录我们的 WAS:
[2012-01-12 12:23:19,843] INFO [WebContainer : 8] [c.b.e.e.w.c.IndexController] class org.springframework.security.core.context.SecurityContextImpl
[2012-01-12 12:23:19,843] INFO [WebContainer : 8] [c.b.e.e.w.c.IndexController] class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
[2012-01-12 12:23:19,843] INFO [WebContainer : 8] [c.b.e.e.w.c.IndexController] class org.springframework.security.core.userdetails.User
[2012-01-12 12:23:19,843] INFO [WebContainer : 8] [c.b.e.e.w.c.IndexController] superadmin
[2012-01-12 12:23:19,843] INFO [WebContainer : 8] [c.b.e.e.w.c.IndexController] superadmin
[2012-01-12 12:23:19,843] INFO [WebContainer : 8] [c.b.e.e.w.c.IndexController] use beanWrapper :
我们本地的日志是:
[2012-01-13 08:51:10,062] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] class org.springframework.security.core.context.SecurityContextImpl
[2012-01-13 08:51:10,062] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] class org.springframework.security.authentication.UsernamePasswordAuthenticationToken
[2012-01-13 08:51:10,062] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] class org.springframework.security.core.userdetails.User
[2012-01-13 08:51:10,062] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] superadmin
[2012-01-13 08:51:10,073] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] superadmin
[2012-01-13 08:51:10,073] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] use beanWrapper :
[2012-01-13 08:51:10,095] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] property : principal value :[org.springframework.security.core.userdetails.User@99ac08b4: Username: superadmin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: SuperAdmin]
[2012-01-13 08:51:10,095] INFO [WebContainer : 4] [c.b.e.e.w.c.IndexController] property : principal.username value :[superadmin]
我们在 dev 中的 WAS 是完整版,
我们的本地 WAS 是轻量级、免费的开发者版本
更新
在编写解决方法以获取 userName 后,问题会进一步发生,仍然是 BeenWrapperImpl
org.springframework.beans.NotReadablePropertyException: Invalid property 'codeAndName' of bean class [com.data.model.Country]: Bean property 'codeAndName' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter?
at org.springframework.beans.BeanWrapperImpl.getPropertyValue(BeanWrapperImpl.java:729)
at org.springframework.beans.BeanWrapperImpl.getPropertyValue(BeanWrapperImpl.java:721)
at org.springframework.web.servlet.tags.form.OptionWriter.doRenderFromCollection(OptionWriter.java:216)
at org.springframework.web.servlet.tags.form.OptionWriter.renderFromCollection(OptionWriter.java:186)
at org.springframework.web.servlet.tags.form.OptionWriter.writeOptions(OptionWriter.java:139)
at org.springframework.web.servlet.tags.form.OptionsTag.writeTagContent(OptionsTag.java:169)
更新 2:
问题更加孤立: 对spring security没有任何依赖,只有springmvc,
当一个被放入 beanWrapper 没有与 getter 对应的 setter 时,它只会在 dev 中抛出 NotReadablePropertyException。
当有 setter 时,就没有问题。 假设类 UsernamePasswordAuthenticationToken 是 spring security.class 中的一个类。
【问题讨论】:
标签: spring spring-security websphere-7