使用JavaConfig结合XML的SpringSecurity4
我试图使用JavaConfig实现SpringSecurity4,但我不知道如何在已经实现的XML配置中使用它 我有如下SecurityConfig类:使用JavaConfig结合XML的SpringSecurity4,java,xml,spring-mvc,Java,Xml,Spring Mvc,我试图使用JavaConfig实现SpringSecurity4,但我不知道如何在已经实现的XML配置中使用它 我有如下SecurityConfig类: package com.wirecard.attendapp.security; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.spr
package com.wirecard.attendapp.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@ImportResource({ "classpath:root-context.xml" })
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
ApplicationContext context = new ClassPathXmlApplicationContext("root-context.xml");
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().hasRole("USER").and().formLogin().loginPage("/login").permitAll().and()
.logout().permitAll();
}
}
和空的SecurityInitializer类:
package com.wirecard.attendapp.security;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
}
在我的root-context.xml中,我尝试添加以下内容,但不起作用:
<beans>
<!-- first, define your individual @Configuration classes as beans -->
<bean class="com.wirecard.attendapp.security.SecurityConfig"/>
<!-- be sure to include the JavaConfig bean post-processor -->
<bean class="org.springframework.config.java.process.ConfigurationPostProcessor"/>
在my web.xml中,我有以下内容:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/root-context.xml
</param-value>
</context-param>
上下文配置位置
/WEB-INF/spring/root-context.xml
我应该如何使用它才能正常工作?现在它不会从我的应用程序加载任何页面。提前谢谢
根上下文.xml
SecurityInitializer
不需要引用安全性:
root context.xml
不需要对安全配置的引用-将其删除它仍然是一样的,我不会加载任何页面。这是我加载任何页面后得到的结果。我只是看到日志,它告诉我应用程序停止了,因为它找不到JNDI名称为comp/env/spring.liveBeansView.mBeansDomain的对象,这是创建SecurityWebApplicationInitializer类后发生的事情,我不知道这意味着什么。
package org.springframework.security.samples.config;
import org.springframework.security.web.context.*;
public class SecurityWebApplicationInitializer
extends AbstractSecurityWebApplicationInitializer {
public SecurityWebApplicationInitializer() {
super(SecurityConfig.class);
}
}