【问题标题】:AbstractSecurityWebApplicationInitializer is not workingAbstractSecurityWebApplicationInitializer 不起作用
【发布时间】:2016-04-06 02:22:42
【问题描述】:

我试图以 java config 方式加载 webapp。在 RAFTWebAppInitializer 中,我首先注册了配置类以及自制框架。但是 spring 安全过滤器链正在抛出错误。

    public class RAFTWebAppInitializer extends AbstractAnnotationConfigDispatcherServletInitializer  {
        public static final String SPRING_DISPATCHER_SERVLET_NAME = "raft";
        public static final String URL_PATTERN = "/";
        private static final String SPRING_FILTER_CHAIN_NAME = "springSecurityFilterChain";
        private static final String UNABLE_TO_REGISTER_FILTER_CHAIN = "Unable to register filter chain";


        private Logger logger = LogManager.getLogger(RAFTWebAppInitializer.class);
        @Override
        protected WebApplicationContext createRootApplicationContext() {
            //initialize and register context
            AnnotationConfigWebApplicationContext rootAppContext = new AnnotationConfigWebApplicationContext();
            logger.info("Entering in root context to register chassis library");
/*Home grown framework */
            ABCInitializer abcInitializer = new ABCInitializer();
            abcInitializer .initialize(rootAppContext);
            logger.info("Exiting after registering chassis library");

            rootAppContext.register(getRootConfigClasses());       
            logger.info("Exiting after registering App config classes");        
            //registerSpringFilterChain(rootAppContext.getServletContext(), URL_PATTERN + "*");

            return rootAppContext;
        }

        @Override
        protected Class<?>[] getRootConfigClasses() {
            logger.debug("Calling getRootConfigClasses...");

            return new Class[]{AppConfig.class,WebAppSecurityConfig.class};
        }   

        @Override
        protected Class<?>[] getServletConfigClasses() {
            logger.debug("Calling getServletConfigClasses...");

            return new Class[]{DispatcherConfiguration.class};
        }

        @Override
        protected String[] getServletMappings() {
            return new String[]{URL_PATTERN};
        }

        @Override
        protected String getServletName() {
            return SPRING_DISPATCHER_SERVLET_NAME;
        }
    }

    @Configuration
    @EnableWebSecurity
    @ComponentScan(basePackages = { "com.capitalone.raft" })
    @Order(2)
    public class WebAppSecurityConfig extends WebSecurityConfigurerAdapter {
        private Logger logger = LogManager.getLogger(this.getClass());
    // Own implementation of different configs
    }

    public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {


        @Override
        protected void beforeSpringSecurityFilterChain(ServletContext servletContext) {
            logger.info("Before spring security");


            // super.beforeSpringSecurityFilterChain(servletContext);
        }

        @Override
        protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
            logger.info("After spring security");
            // super.afterSpringSecurityFilterChain(servletContext);
        }



        private Logger logger = LogManager.getLogger(this.getClass());  
        private static final String FILTER_ENCODING_TYPE = "UTF-8";


    /*  @Override
        protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
            logger.info("afterSpringSecurityFilterChain gets called to register other filter");
            //super.afterSpringSecurityFilterChain(servletContext);
            servletContext.addFilter("HttpMethodFilter", HiddenHttpMethodFilter.class);
            CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter(FILTER_ENCODING_TYPE, true);
            servletContext.addFilter("CharacterEncodingFilter", characterEncodingFilter);
            logger.info("afterSpringSecurityFilterChain completed to register other filters");      
        }*/

    }   

除此之外,我们还有 servlet DispatcherConfiguration.class 的配置类。但我总是收到错误 2016-04-01 14:05:37,237 INFO [localhost-startStop-1] context.ContextLoader (ContextLoader.java:347) - Root WebApplicationContext:初始化在 0 毫秒内完成 2016-04-01 14:05:37,237 调试 [localhost-startStop-1] filter.GenericFilterBean (GenericFilterBean.java:177) - 初始化过滤器“springSecurityFilterChain” 2016 年 4 月 1 日 14:05:37.252 严重 [localhost-startStop-1] org.apache.catalina.core.StandardContext.startInternal 一个或多个过滤器无法启动。完整的详细信息将在相应的容器日志文件中找到 2016-04-01 14:05:37,252 INFO [localhost-startStop-1] support.AbstractApplicationContext (AbstractApplicationContext.java:957) - 关闭根 WebApplicationContext:启动日期 [Fri Apr 01 14:05:35 EDT 2016];上下文层次结构的根

在容器日志中, 2016 年 4 月 1 日 12:06:17.359 严重 [localhost-startStop-1] org.apache.catalina.core.StandardContext.listenerStart 异常将上下文初始化事件发送到类 org.springframework.web.context.ContextLoaderListener 的侦听器实例 org.springframework.beans.factory.BeanCreationException:创建名为“chassisConfig”的bean时出错:bean实例化失败;嵌套异常是 org.springframework.beans.BeanInstantiationException:无法实例化 [com.capitalone.raft.refapps.api.mvc.config.ChassisConfig$$EnhancerBySpringCGLIB$$7e8af6fb]:未找到默认构造函数;嵌套异常是 java.lang.NoSuchMethodException: com.capitalone.raft.refapps.api.mvc.config.ChassisConfig$$EnhancerBySpringCGLIB$$7e8af6fb.() 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:1105) 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1050) 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:510) 在 org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482) 在 org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) 在 org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) 在 org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)

看不懂,因为我去调试服务器初始化的时候,居然调用了这两个方法:

@覆盖 公共最终无效 onStartup(ServletContext servletContext) 抛出 ServletException { 如果(启用HttpSessionEventPublisher()){ servletContext.addListener(HttpSessionEventPublisher.class); } insertSpringSecurityFilterChain(servletContext); afterSpringSecurityFilterChain(servletContext); } 那么

private void insertSpringSecurityFilterChain(ServletContext servletContext) { String filterName = "springSecurityFilterChain"; DelegatingFilterProxy springSecurityFilterChain = new DelegatingFilterProxy(filterName); 字符串 contextAttribute = getWebApplicationContextAttribute(); 如果(上下文属性!= null){ springSecurityFilterChain.setContextAttribute(contextAttribute); } registerFilter(servletContext, true, filterName, springSecurityFilterChain); }

【问题讨论】:

    标签: spring spring-security


    【解决方案1】:

    由于我已经使用我们自己开发的框架引导上下文类,因此我不得不手动刷新上下文。刷新后所有问题都解决了。但是有一点需要记住,在使用组件扫描并尝试将其设置为根级别时。但是,我们可能需要了解后果。有时在对根包进行扫描时,它可能会尝试注册一些额外的(或与给定上下文无关的)类,这些类可能会导致冲突。 更新代码:

        public class RAFTWebAppInitializer extends AbstractAnnotationConfigDispatcherServletInitializer  {
        public static final String SPRING_DISPATCHER_SERVLET_NAME = "raft";
        public static final String URL_PATTERN = "/";
        private static final String SPRING_FILTER_CHAIN_NAME = "springSecurityFilterChain";
        private static final String UNABLE_TO_REGISTER_FILTER_CHAIN = "Unable to register filter chain";
    
    
        private Logger logger = LogManager.getLogger(RAFTWebAppInitializer.class);
        @Override
        protected WebApplicationContext createRootApplicationContext() {
            //initialize and register context
            AnnotationConfigWebApplicationContext rootAppContext = new AnnotationConfigWebApplicationContext();
            logger.info("Entering in root context to register abc library");
            /*Home grown framework */
            ABCInitializer abcInitializer = new ABCInitializer();
            abcInitializer .initialize(rootAppContext);
            logger.info("Exiting after registering chassis library");
    
            rootAppContext.register(getRootConfigClasses());       
            logger.info("Exiting after registering App config classes");        
            rootAppContext.refresh();
    
            return rootAppContext;
           }
    

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2016-03-13
      • 1970-01-01
      • 1970-01-01
      • 2016-09-12
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多