Fatal编程技术网
  • authentication/
  • 我需要在spring中手动设置authenticationManager吗?

我需要在spring中手动设置authenticationManager吗?

authentication spring-security

我需要在spring中手动设置authenticationManager吗?,authentication,spring-security,warnings,applicationcontext,Authentication,Spring Security,Warnings,Applicationcontext,加载ApplicationContext后,我收到如下警告: <?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns

加载ApplicationContext后,我收到如下警告:

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
 http://www.springframework.org/schema/tx
 http://www.springframework.org/schema/tx/spring-tx-3.0.6.xsd
 http://www.springframework.org/schema/security
 http://www.springframework.org/schema/security/spring-security-3.1.xsd
 http://www.springframework.org/schema/aop
 http://www.springframework.org/schema/aop/spring-aop-3.0.xsd">


<!-- =============== Security =============== -->
<sec:method-security-metadata-source
    id="method-security-metadata-source">
    <sec:protect access="MyAccess"
        method="springsecuritytest._00_base.AuthenticationTester.*" />
</sec:method-security-metadata-source>


<sec:global-method-security
    access-decision-manager-ref="accessDecisionManager"
    secured-annotations="enabled" pre-post-annotations="enabled"
    proxy-target-class="true">
    <sec:protect-pointcut
        expression="execution(* springsecuritytest._00_base.AuthenticationTester.*(..))"
        access="ROLE_USER_BASIC_099" />
    <!-- <sec:protect-pointcut access="ROLE_USER_BASIC_099" expression="execution(*
        springsecuritytest._00_base.AuthenticationTester.* (..))" /> -->
</sec:global-method-security>

<sec:authentication-manager alias="authenticationManager"
    erase-credentials="true">
    <sec:authentication-provider>
        <sec:jdbc-user-service data-source-ref="dataSource" />
        <!-- role-prefix="ROLE_" /> -->
    </sec:authentication-provider>
</sec:authentication-manager>

<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
    <property name="decisionVoters">
        <list>
            <bean class="org.springframework.security.access.vote.RoleVoter" />
            <!-- <bean class="org.springframework.security.access.vote.AuthenticatedVoter"/> -->
        </list>
    </property>
</bean>

<bean id="dataSource"
    class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/spring_security" />
    <property name="username" value="root" />
    <property name="password" value="" />
</bean>
信息:未设置身份验证管理器。更改密码时不会对用户执行重新身份验证_

我的Context.XML文件如下所示:

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
 http://www.springframework.org/schema/tx
 http://www.springframework.org/schema/tx/spring-tx-3.0.6.xsd
 http://www.springframework.org/schema/security
 http://www.springframework.org/schema/security/spring-security-3.1.xsd
 http://www.springframework.org/schema/aop
 http://www.springframework.org/schema/aop/spring-aop-3.0.xsd">


<!-- =============== Security =============== -->
<sec:method-security-metadata-source
    id="method-security-metadata-source">
    <sec:protect access="MyAccess"
        method="springsecuritytest._00_base.AuthenticationTester.*" />
</sec:method-security-metadata-source>


<sec:global-method-security
    access-decision-manager-ref="accessDecisionManager"
    secured-annotations="enabled" pre-post-annotations="enabled"
    proxy-target-class="true">
    <sec:protect-pointcut
        expression="execution(* springsecuritytest._00_base.AuthenticationTester.*(..))"
        access="ROLE_USER_BASIC_099" />
    <!-- <sec:protect-pointcut access="ROLE_USER_BASIC_099" expression="execution(*
        springsecuritytest._00_base.AuthenticationTester.* (..))" /> -->
</sec:global-method-security>

<sec:authentication-manager alias="authenticationManager"
    erase-credentials="true">
    <sec:authentication-provider>
        <sec:jdbc-user-service data-source-ref="dataSource" />
        <!-- role-prefix="ROLE_" /> -->
    </sec:authentication-provider>
</sec:authentication-manager>

<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
    <property name="decisionVoters">
        <list>
            <bean class="org.springframework.security.access.vote.RoleVoter" />
            <!-- <bean class="org.springframework.security.access.vote.AuthenticatedVoter"/> -->
        </list>
    </property>
</bean>

<bean id="dataSource"
    class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/spring_security" />
    <property name="username" value="root" />
    <property name="password" value="" />
</bean>
任何人都能帮我吗?

我发现了它,它似乎是由我使用的bean定义模型引起的。

我也在日志中体验到了这个模糊的信息。我必须在xml配置文件的http和UserDetailsManager中添加对身份验证管理器的引用。这将取决于Spring安全性的配置方式,但希望它能有所帮助

<security:http auto-config="true" authentication-manager-ref="authenticationManager" use-expressions="true">
    <security:remember-me data-source-ref="dataSource" user-service-ref="userDetailsManagerDao" />
    <security:intercept-url pattern="/" access="permitAll" />
    <security:intercept-url pattern="/home" access="permitAll" />
    <security:intercept-url pattern="/login" access="permitAll" />
    <security:intercept-url pattern="/registration" access="permitAll" />
    <security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
    <security:form-login login-page="/login" default-target-url="/default" login-processing-url="/login/authenticate"
        username-parameter="username" password-parameter="password" authentication-failure-url="/login?error" />
    <security:logout logout-url="/logout" logout-success-url="/login?logout" />
</security:http>

<bean id="userDetailsManagerDao" class="com.alphatek.tylt.repository.UserDetailsManagerJdbcDao">
    <property name="dataSource" ref="dataSource" />
    <property name="enableAuthorities" value="false" />
    <property name="enableGroups" value="true" />
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

<security:authentication-manager id="authenticationManager">
    <security:authentication-provider user-service-ref="userDetailsManagerDao">
        <security:password-encoder ref="passwordEncoder" />
    </security:authentication-provider>
</security:authentication-manager>
嘿,我也遇到了同样的错误。你能详细说明你是如何解决的吗?是的,我遇到了同样的错误,希望看到更详细的答案!这不是一个错误。日志级别为
INFO
。你是怎么解决的?你能说得更具体些吗?