创建名为'；org.springframework.security.filterChains'；_Spring_Spring Mvc_Spring Security

创建名为'；org.springframework.security.filterChains'；

spring spring-mvc spring-security

创建名为'；org.springframework.security.filterChains'；,spring,spring-mvc,spring-security,Spring,Spring Mvc,Spring Security,我刚刚切换到Spring security 3.1，因为我面临这个问题“” 因此，我找到了一个切换到SpringSecurity3.1的解决方案，现在我在运行应用程序时遇到了这个新的异常。 org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve referenc

我刚刚切换到Spring security 3.1，因为我面临这个问题“”

因此，我找到了一个切换到SpringSecurity3.1的解决方案，现在我在运行应用程序时遇到了这个新的异常。

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.filterChains': Cannot resolve reference to bean 'org.springframework.security.web.DefaultSecurityFilterChain#4' while setting bean property 'sourceList' with key [4]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.DefaultSecurityFilterChain#4': Cannot create inner bean '(inner bean)' of type [org.springframework.security.web.authentication.logout.LogoutFilter] while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#6': Cannot resolve reference to bean 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0' while setting constructor argument with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0': Cannot create inner bean '(inner bean)' while setting bean property 'userDetailsService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#7': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanInitializationException: Property 'sessionFactory' is required for bean '(inner bean)#7'

我的应用程序上下文如下所示

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
   http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"
default-lazy-init="true">

<!-- Activates scanning of @Autowired -->
<context:annotation-config />

 <!-- Activates scanning of @Repository -->
<context:component-scan base-package="com.example.dao"/>
<context:component-scan base-package="com.example.dao.user"/>
<context:component-scan base-package="com.example.model"/>
<context:component-scan base-package="com.example.controller"/>
<context:component-scan base-package="com.example.service"/>
<context:component-scan base-package="com.example.service.impl"/>
<bean id="sessionFactory"
    class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
    <property name="configLocation">
        <value>/WEB-INF/hibernate.cfg.xml</value>
    </property>

</bean>

<bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
    <property name="sessionFactory" ref="sessionFactory"/>
</bean>


/WEB-INF/hibernate.cfg.xml

我的applicationContext-security.xml看起来像

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
      http://www.springframework.org/schema/security
      http://www.springframework.org/schema/security/spring-security-3.1.xsd">
      <security:http pattern="/images/**" security="none"/>
      <security:http pattern="/Stylesheets/**" security="none"/>
      <security:http pattern="/JavaScript/**" security="none"/>
      <security:http pattern="/scripts/**" security="none"/>

<security:http auto-config="true">
    <security:intercept-url pattern="/passwordHint*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_ADMIN,ROLE_USER"/>
    <security:intercept-url pattern="/signup*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/login.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/home.htm" access="ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/changepwd.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="/pwd.htm*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN" />
    <security:intercept-url pattern="/favicon.ico" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <security:intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN"/>
    <security:form-login login-page="/login.htm" authentication-success-handler-ref="customHandler"
        authentication-failure-url="/login.htm?error=true" default-target-url="/home.htm"
        login-processing-url="/j_security_check"  />
     <security:remember-me user-service-ref="userDAO" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</security:http>    

 <security:http auto-config="true">

    <security:intercept-url pattern="mobile/passwordHint*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_ADMIN,ROLE_USER"/>
    <security:intercept-url pattern="mobile/signup*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/login.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/home.htm" access="ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/changepwd.htm" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN"/>
    <security:intercept-url pattern="mobile/pwd.htm*" access="IS_AUTHENTICATED_ANONYMOUSLY,ROLE_USER,ROLE_ADMIN" />
    <security:intercept-url pattern="mobile/favicon.ico" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <security:intercept-url pattern="mobile/**" access="ROLE_USER,ROLE_ADMIN"/>
    <security:form-login login-page="/mlogin.htm" authentication-success-handler-ref="customHandler"
        authentication-failure-url="/mlogin.htm?error=true" default-target-url="/mhome.htm"
        login-processing-url="/j_spring_security_check"  />
     <security:remember-me user-service-ref="userDAO" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/>
</security:http>

<bean id="customHandler" class="com.example.auth.AuthenticationHandler">
</bean>

<security:authentication-manager>
    <security:authentication-provider user-service-ref="userDAO">
        <!--
        TODO skipped to allow password emailing instead of password change and security
        TODO question hell..
      -->
       <!--  <password-encoder ref="passwordEncoder"/>  -->
    </security:authentication-provider>
</security:authentication-manager>

</beans>

这些配置有什么问题吗？

您能给出完整的异常堆栈跟踪吗？我认为你不能有两个

<security:http auto-config="true"/>

在相同的spring安全配置中，使用所有拦截url设置。如果您需要有两个单独的登录页面，在登录请求中有一个属性，或者使用“userAgent”并在控制器中进行切换。

您可以提供“userDAO”bean定义吗？看来userDAO定义包含根本原因。该定义中的某些内容需要一个

sessionFactory

属性，但无法获取该属性。您找到解决方案了吗？根据日志，我得到了与DefaultSecurityFilterChain相同的BeanCreationException，错误与spring安全配置无关，请仔细检查sessionFactory bean是否正确注入到dao bean中。