【问题标题】:Security namespace does not support custom security filters安全命名空间不支持自定义安全过滤器
【发布时间】:2015-06-24 13:41:44
【问题描述】:

我正在尝试为 jboss 设置一个 spring 安全命名空间,但是每次我尝试启动服务器时,我都会收到错误

安全命名空间不支持元素装饰 [过滤器链]

代码如下:

<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
                       http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
                       http://www.springframework.org/schema/security
                       http://www.springframework.org/schema/security/spring-security-3.2.xsd">
    <security:global-method-security secured-annotations="enabled"/>

<bean xml:id="customSecurityFilter" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain pattern="/login.jsp*" filters="none"/>
<security:filter-chain pattern="/MaintenanceLogin.jsp*" filters="none"/>
<security:filter-chain pattern="/PortalLogin.jsp*" filters="none"/>
</bean>

<security:http>
    <security:custom-filter ref="customSecurityFilter" before="FIRST"/>
    <!-- Override default login and logout pages -->
    <security:form-login login-page="/login.jsp" 
                        default-target-url="/DisplayAlerts.action" 
                         authentication-failure-url="/login.jsp?login_error=1" />
    <security:logout logout-url="/j_spring_security_logout" logout-success-url="/login.jsp" />     
</security:http>

请帮忙

【问题讨论】:

  • 只需添加多个&lt;security:http /&gt; 元素而不是filter-chains。添加&lt;security:http pattern="/login.jsp" security="none" /&gt; 或通过指定&lt;security:intercept-url pattern="/login.jsp" access="permitAll" /&gt; 简单地允许所有对这些URL 的访问。你把它弄得太复杂了。
  • 执行上述任一操作都会导致 Security namespace does not support decoration of element [filter-chain] 错误
  • 你当然要删除自定义过滤器...
  • 我不能直接删除它。必须有自定义过滤器才能访问登录页面,而无需先登录。
  • 是的,你可以...这就是我告诉你要添加的配置的重点。

标签: spring security spring-security


【解决方案1】:

如果你想使用过滤器链,你可以把它包装在一个地图中

<bean xml:id="customSecurityFilter" class="org.springframework.security.web.FilterChainProxy">
 <security:filter-chain-map path-type="regex">
    <security:filter-chain pattern="/login.jsp*" filters="none"/>
    <security:filter-chain pattern="/MaintenanceLogin.jsp*" filters="none"/>
    <security:filter-chain pattern="/PortalLogin.jsp*" filters="none"/>
 </security:filter-chain-map path-type="regex">
</bean>

您可以参考文档here

【讨论】:

    猜你喜欢
    • 2017-03-24
    • 1970-01-01
    • 2021-09-04
    • 2015-05-30
    • 1970-01-01
    • 2017-03-13
    • 2023-03-05
    • 2014-05-30
    • 1970-01-01
    相关资源
    最近更新 更多