Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/307.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
同时使用java和xml配置的多个Http配置不起作用_Java_Spring_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • 同时使用java和xml配置的多个Http配置不起作用

同时使用java和xml配置的多个Http配置不起作用

java spring spring-security

同时使用java和xml配置的多个Http配置不起作用,java,spring,spring-security,Java,Spring,Spring Security,我有一个应用程序,可以从java类加载默认的spring安全配置,并可以选择从外部文件导入附加配置,如下所示: @Configuration @EnableWebSecurity @EnableAspectJAutoProxy @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true) @ImportResource("file:///${my.home.dir}\

我有一个应用程序,可以从java类加载默认的spring安全配置,并可以选择从外部文件导入附加配置,如下所示:

@Configuration
@EnableWebSecurity
@EnableAspectJAutoProxy
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
@ImportResource("file:///${my.home.dir}\\conf\\security.xml")
public class WebSecurityConfiguration implements Serializable {

private static final long serialVersionUID = 6654777887140629668L;

@Configuration
@Order
public static class AnotherWebSecurityConfiguration extends WebSecurityConfigurerAdapter implements Serializable { 
private static final long serialVersionUID = 4628321113541373781L;  
public AnotherWebSecurityConfiguration() {
super();
}  
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(ignoredUrls); // we want to disable Spring Security for static resources.
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests().antMatchers("/**").hasRole("USER").and().httpBasic().and().csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
}
}
外部文件包含以下内容:

    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.2.xsd">

    <!-- enable use-expressions -->
    <http auto-config="true" pattern="/manage/app/**" authentication-manager-ref="anotherAuthenticationManager" use-expressions="true">
        <intercept-url pattern="/manage/app/**" access="hasRole('ROLE_USER')" />
        <http-basic />
    </http>

 <authentication-manager id="anotherAuthenticationManager">
    <authentication-provider>
        <user-service>
                    <user name="admin" password="admin2" authorities="ROLE_USER" />
        </user-service>
    </authentication-provider>
</authentication-manager>
</beans:beans>
在本例中,xml安全配置工作正常,但java配置被忽略

你能告诉我我在配置中做错了什么吗

请注意,我使用的是SpringSecurity 3.2

非常感谢。

XML配置覆盖java配置-。我看不出你为什么要把它们混在一起,现在花点时间重写这篇文章可以节省你将来的时间:你可能可以使用http.antMatchers。。。使用和合并两个配置

protected void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication();
}