Java (Spring安全性)需要的是单个表达式属性
我尝试在Spring安全配置上使用hasAnyRole时出错 我的applicationContextSecurity.xmlJava (Spring安全性)需要的是单个表达式属性,java,spring,primefaces,Java,Spring,Primefaces,我尝试在Spring安全配置上使用hasAnyRole时出错 我的applicationContextSecurity.xml <?xml version="1.0" encoding="UTF-8"?> <b:beans xmlns="http://www.springframework.org/schema/security" xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://ww
<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http use-expressions="true">
<intercept-url pattern="/admin/" access="ROLE_ADMINISTRADOR" />
<intercept-url pattern='/paginas/' access="hasAnyRole('ROLE_USUARIO', 'ROLE_ADMINISTRADOR')"/>
<form-login login-page="/publico/login.xhtml"
always-use-default-target="true" default-target-url="/paginas/agenda/index.xhtml"
authentication-failure-url="/publico/login.jsf?login_error=1"/>
<logout/>
<remember-me />
</http>
<authentication-manager>
<authentication-provider>
<jdbc-user-service data-source-ref="sincronizaDataSource"
authorities-by-username-query="SELECT u.login, p.permissao
FROM usuario u, usuario_permissao p
WHERE u.id = p.usuario
AND u.login = ?"
users-by-username-query="SELECT login, senha, ativo
FROM usuario
WHERE login = ?" />
</authentication-provider>
</authentication-manager>
然后我得到了这个错误:
原因:java.lang.IllegalArgumentException:[/paginas/]需要一个表达式属性
位于org.springframework.util.Assert.isTrue(Assert.java:65)
位于org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource.processMap(ExpressionBasedFilterInvocationSecurityMetadataSource.java:43)
位于org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource。(ExpressionBasedFilterInvocationSecurityMetadataSource.java:30)
位于sun.reflect.NativeConstructorAccessorImpl.newInstance0(本机方法)
位于sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
在sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
位于java.lang.reflect.Constructor.newInstance(Constructor.java:408)
位于org.springframework.beans.BeanUtils.InstanceClass(BeanUtils.java:126)
... 还有31个
您确定在配置中可以接受单引号吗?我不认为它是xml标记的一部分。具体来说:pattern='/paginas/'应该是pattern=“/paginas/”我尝试了pattern=“/paginas/**”,但什么也没有发生:/