Spring security 如何解决Spring security中的IllegalArgumentException
我正在使用spring安全性。当我浏览到Spring security 如何解决Spring security中的IllegalArgumentException,spring-security,Spring Security,我正在使用spring安全性。当我浏览到http://localhost:8080/rest/user/json/quypham,我得到以下错误: [WARNING] /rest/user/json/quypham java.lang.IllegalArgumentException: Failed to evaluate expression 'ROLE_ADMIN' at org.springframework.security.access.expression.Expre
http://localhost:8080/rest/user/json/quypham
,我得到以下错误:
[WARNING] /rest/user/json/quypham java.lang.IllegalArgumentException:
Failed to evaluate expression 'ROLE_ADMIN'
at org.springframework.security.access.expression.ExpressionUtils.evalua
teAsBoolean(ExpressionUtils.java:15)
at org.springframework.security.web.access.expression.WebExpressionVoter
.vote(WebExpressionVoter.java:36)
at org.springframework.security.web.access.expression.WebExpressionVoter
.vote(WebExpressionVoter.java:18)
at org.springframework.security.access.vote.AffirmativeBased.decide(Affi
rmativeBased.java:62)
at org.springframework.security.access.intercept.AbstractSecurityInterce
ptor.beforeInvocation(AbstractSecurityInterceptor.java:232)
at org.springframework.security.web.access.intercept.FilterSecurityInter
Caused by:
org.springframework.expression.spel.SpelEvaluationException: EL1008E:
(pos 0): Property or field 'ROLE_ADMIN' cannot be found on object of
type 'org.s
pringframework.security.web.access.expression.WebSecurityExpressionRoot'
- maybe not public?
at org.springframework.expression.spel.ast.PropertyOrFieldReference.read
Property(PropertyOrFieldReference.java:215)
at org.springframework.expression.spel.ast.PropertyOrFieldReference.getV
alueInternal(PropertyOrFieldReference.java:85)
at org.springframework.expression.spel.ast.PropertyOrFieldReference.getV
alueInternal(PropertyOrFieldReference.java:78)
at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(Sp
elNodeImpl.java:114)
at org.springframework.expression.spel.standard.SpelExpression.getValue(
SpelExpression.java:105)
at org.springframework.security.access.expression.ExpressionUtils.evalua
我想我的userservice servlet.xml
文件中有问题:
下面是UserRestServiceController.java
:
@控制器
公共类UserRestServiceController{
@自动连线
公共UserDao UserDao;
@自动连线
公共视图jsonTemplate;
@RequestMapping(value=“/rest/user/json/{username}”,
products=MediaType.APPLICATION\u JSON\u VALUE,method=RequestMethod.GET)
public@ResponseBody User loadUser(@PathVariable(“用户名”)字符串名){
返回userDao.loadUser(名称);
}
默认情况下处于启用状态。这意味着您应该将访问
值更改为表达式:
作为一个选项,您可以禁用表达式:
对于所有角色,您必须使用“hasRole”。
在您的情况下,access=“hasRole('ADMIN')”将在您将其反向获取时使用。您的陈述不正确。