一个spring_security的问题,解决了几天了!找高手解决。

chaohua20 2011-01-10 12:18:46
资源认证器

package com.onionbbs.security;

import java.util.Collection;
import java.util.Iterator;

import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;


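/**
 * Access decision manager that grants a request as soon as one of the caller's
 * granted authorities equals one of the attributes configured for the secured
 * object, and denies it otherwise.
 *
 * <p>Both {@code supports} methods return {@code true} unconditionally, so this
 * manager accepts every attribute and every secure-object type it is handed.
 */
public class GamersAccessDecisionManager implements AccessDecisionManager {

    /**
     * Grants or denies access to {@code object}.
     *
     * @param authentication   the caller's current token; its authorities are
     *                         compared with the required attributes
     * @param object           the secured object (only printed here)
     * @param configAttributes the attributes required for the object
     * @throws AccessDeniedException if no granted authority equals any of the
     *                               required attributes
     */
    public void decide(Authentication authentication, Object object,
            Collection<ConfigAttribute> configAttributes)
            throws AccessDeniedException, InsufficientAuthenticationException {

        // Fail-open: a null attribute collection means "nothing to enforce" and
        // the call returns without a decision, i.e. access is allowed.
        // NOTE(review): confirm that objects with no attributes are meant to be
        // public; otherwise deny here.
        if (configAttributes == null) {
            return;
        }
        // Concatenation prints "null" for a null object instead of throwing.
        System.out.println("Object:" + object);

        for (ConfigAttribute ca : configAttributes) {
            // Debug output the thread asks about ("why does this print
            // ROLE_ANONYMOUS?"). The DEBUG log posted further down shows the
            // request still carrying an AnonymousAuthenticationToken, so the
            // authorities printed here are the anonymous ones, not the roles
            // stored for the user. This writes the caller's authority list to
            // stdout on every decision; drop it once debugging is done.
            System.out.println(authentication.getAuthorities());

            // getAttribute() is declared on ConfigAttribute, so no cast to
            // SecurityConfig is needed; the cast would throw ClassCastException
            // for any other ConfigAttribute implementation.
            String needRole = ca.getAttribute();
            if (needRole == null) {
                // An attribute without a string form cannot match any authority.
                continue;
            }
            // The comparison is exact and case-sensitive.
            for (GrantedAuthority ga : authentication.getAuthorities()) {
                if (needRole.equals(ga.getAuthority())) {
                    return;
                }
            }
        }

        // No authority matched any required attribute: deny.
        throw new AccessDeniedException("no right");
    }

    /** Accepts every attribute; no filtering is done here. */
    public boolean supports(ConfigAttribute attribute) {
        return true;
    }

    /** Accepts every secure-object type; no filtering is done here. */
    public boolean supports(Class<?> clazz) {
        return true;
    }

}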





自定义的一个拦截器

package com.onionbbs.security;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;

import com.OnionEntertainment.Security.Service.SecurityResourceServiceImp;
import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;


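/**
 * Metadata source that maps URL patterns loaded from
 * {@code SecurityResourceServiceImp} to the role names required for them.
 *
 * <p>{@link #loadResourceDefine()} must run before the first call to
 * {@link #getAttributes(Object)}; nothing in this class calls it.
 */
public class InvocationSecurityMetadataSource
        implements FilterInvocationSecurityMetadataSource {

    private UrlMatcher urlMatcher = new AntUrlPathMatcher();

    // Shared by all instances and replaced wholesale by loadResourceDefine();
    // volatile so that a (re)load publishes the fully built map to readers.
    private static volatile Map<String, Collection<ConfigAttribute>> resourceMap = null;

    private SecurityResourceServiceImp securityResourceService;

    public void setSecurityResourceService(
            SecurityResourceServiceImp securityResourceService) {
        this.securityResourceService = securityResourceService;
    }

    /**
     * Loads every resource from the service and rebuilds the URL-to-roles map.
     * The map is filled locally and assigned at the end, so a concurrent
     * {@link #getAttributes(Object)} never iterates a half-filled map.
     */
    public void loadResourceDefine() {
        Map<String, Collection<ConfigAttribute>> loaded =
                new HashMap<String, Collection<ConfigAttribute>>();

        for (Resources item : securityResourceService.getAllResources()) {
            loaded.put(item.getUrl(), listRoleToCollection(item.getRole()));
        }
        resourceMap = loaded;
    }

    /**
     * Converts a set of roles into config attributes, one per role name.
     *
     * @param set the roles attached to a resource
     * @return a new list holding one {@code SecurityConfig} per role
     */
    public Collection<ConfigAttribute> listRoleToCollection(Set<Role> set) {
        List<ConfigAttribute> list = new ArrayList<ConfigAttribute>();
        for (Role role : set) {
            // Debug output referenced in the thread; prints each role name.
            System.out.println("==================================" + role.getName() + "==============");
            list.add(new SecurityConfig(role.getName()));
        }
        return list;
    }

    /**
     * Returns the attributes of the first stored pattern that matches the
     * request URL, or {@code null} when no pattern matches.
     *
     * @param object the secured object; must be a {@code FilterInvocation}
     * @return the matching attributes, or {@code null} if nothing matches
     * @throws IllegalStateException if the resource map was never loaded
     */
    public Collection<ConfigAttribute> getAttributes(Object object)
            throws IllegalArgumentException {
        String url = ((FilterInvocation) object).getRequestUrl();
        // NOTE(review): if getRequestUrl() carries the query string, a stored
        // exact URL will not match the same path with "?..." appended and the
        // request falls through to the null return below; confirm, and strip
        // the query part before matching if so.

        Map<String, Collection<ConfigAttribute>> current = resourceMap;
        if (current == null) {
            // Fail closed with a clear message instead of a bare
            // NullPointerException when loadResourceDefine() has not run.
            throw new IllegalStateException(
                    "resourceMap not loaded; call loadResourceDefine() first");
        }

        // HashMap iteration order is unspecified, so when several stored
        // patterns match the same URL the entry that wins is arbitrary.
        // NOTE(review): keep patterns non-overlapping or use an ordered map.
        for (Map.Entry<String, Collection<ConfigAttribute>> entry : current.entrySet()) {
            // UrlMatcher.pathMatchesUrl takes the stored pattern first and the
            // request URL second. The original passed them the other way
            // round, which only works for exact strings: a wildcard pattern
            // would never match and the URL would be treated as unmapped.
            if (urlMatcher.pathMatchesUrl(entry.getKey(), url)) {
                return entry.getValue();
            }
        }
        // Unmapped URL: the decision manager posted with this class grants
        // access when it receives null, so this path is fail-open.
        return null;
    }

    /** Accepts every secure-object type; no filtering is done here. */
    public boolean supports(Class<?> clazz) {
        return true;
    }

    /** No aggregate attribute list is provided; always returns {@code null}. */
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

}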



获得用户和权限

package com.onionbbs.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Set;

import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import com.OnionEntertainment.Security.Service.SecurityUserServiceImp;
import com.onionbbs.model.Role;
import com.onionbbs.model.UserTable;

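/**
 * Loads a user and its roles through {@code SecurityUserServiceImp} and turns
 * them into the {@code UserDetails} object used for authentication.
 */
public class UserDetailService implements UserDetailsService {

    private SecurityUserServiceImp securityUserService;

    public void setSecurityUserService(SecurityUserServiceImp securityUserService) {
        this.securityUserService = securityUserService;
    }

    /**
     * Looks up {@code username} and builds its {@code UserDetails}.
     *
     * @param username the login name submitted by the caller
     * @return the user with one granted authority per stored role
     * @throws UsernameNotFoundException if the lookup returns no record
     */
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException, DataAccessException {

        List<UserTable> usertable = securityUserService.getuser(username);
        // The original read get(0) unconditionally, so an unknown username
        // surfaced as IndexOutOfBoundsException rather than the exception this
        // method declares. The message is kept generic on purpose.
        if (usertable == null || usertable.isEmpty()) {
            throw new UsernameNotFoundException("user not found");
        }
        UserTable record = usertable.get(0);

        // NOTE(review): the password passed on is the literal "robin", not the
        // account's stored credential, so every username is checked against
        // the same constant. The poster names this line as the cause of the
        // failed login later in the thread. Replace the literal with the stored
        // password from the record (its accessor is not shown on this page).
        //
        // NOTE(review): the four `true` flags mark every account as enabled,
        // non-expired and non-locked; the record's getEnabled() value is not
        // used. Map it to the enabled argument once its type is confirmed.
        return new User(username,
                "robin", true, true, true, true, listRoleToCollection(record.getRoles()));
    }

    /**
     * Converts a set of roles into granted authorities, one per role name.
     *
     * @param set the roles stored for a user; {@code null} yields an empty list
     * @return a new list holding one {@code GrantedAuthorityImpl} per role
     */
    public Collection<GrantedAuthority> listRoleToCollection(Set<Role> set) {
        List<GrantedAuthority> list = new ArrayList<GrantedAuthority>();
        if (set == null) {
            // A user without roles gets no authorities instead of a
            // NullPointerException.
            return list;
        }
        for (Role role : set) {
            // Debug output: prints each role name loaded for the user.
            System.out.println(role.getName());
            list.add(new GrantedAuthorityImpl(role.getName()));
        }
        return list;
    }

}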



把资源查询出来

package com.onionbbs.security;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;

import com.OnionEntertainment.Security.Service.SecurityResourceServiceImp;
import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;


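/**
 * Metadata source that maps URL patterns loaded from
 * {@code SecurityResourceServiceImp} to the role names required for them.
 *
 * <p>{@link #loadResourceDefine()} must run before the first call to
 * {@link #getAttributes(Object)}; nothing in this class calls it.
 */
public class InvocationSecurityMetadataSource
        implements FilterInvocationSecurityMetadataSource {

    private UrlMatcher urlMatcher = new AntUrlPathMatcher();

    // Shared by all instances and replaced wholesale by loadResourceDefine();
    // volatile so that a (re)load publishes the fully built map to readers.
    private static volatile Map<String, Collection<ConfigAttribute>> resourceMap = null;

    private SecurityResourceServiceImp securityResourceService;

    public void setSecurityResourceService(
            SecurityResourceServiceImp securityResourceService) {
        this.securityResourceService = securityResourceService;
    }

    /**
     * Loads every resource from the service and rebuilds the URL-to-roles map.
     * The map is filled locally and assigned at the end, so a concurrent
     * {@link #getAttributes(Object)} never iterates a half-filled map.
     */
    public void loadResourceDefine() {
        Map<String, Collection<ConfigAttribute>> loaded =
                new HashMap<String, Collection<ConfigAttribute>>();

        for (Resources item : securityResourceService.getAllResources()) {
            loaded.put(item.getUrl(), listRoleToCollection(item.getRole()));
        }
        resourceMap = loaded;
    }

    /**
     * Converts a set of roles into config attributes, one per role name.
     *
     * @param set the roles attached to a resource
     * @return a new list holding one {@code SecurityConfig} per role
     */
    public Collection<ConfigAttribute> listRoleToCollection(Set<Role> set) {
        List<ConfigAttribute> list = new ArrayList<ConfigAttribute>();
        for (Role role : set) {
            // Debug output referenced in the thread; prints each role name.
            System.out.println("==================================" + role.getName() + "==============");
            list.add(new SecurityConfig(role.getName()));
        }
        return list;
    }

    /**
     * Returns the attributes of the first stored pattern that matches the
     * request URL, or {@code null} when no pattern matches.
     *
     * @param object the secured object; must be a {@code FilterInvocation}
     * @return the matching attributes, or {@code null} if nothing matches
     * @throws IllegalStateException if the resource map was never loaded
     */
    public Collection<ConfigAttribute> getAttributes(Object object)
            throws IllegalArgumentException {
        String url = ((FilterInvocation) object).getRequestUrl();
        // NOTE(review): if getRequestUrl() carries the query string, a stored
        // exact URL will not match the same path with "?..." appended and the
        // request falls through to the null return below; confirm, and strip
        // the query part before matching if so.

        Map<String, Collection<ConfigAttribute>> current = resourceMap;
        if (current == null) {
            // Fail closed with a clear message instead of a bare
            // NullPointerException when loadResourceDefine() has not run.
            throw new IllegalStateException(
                    "resourceMap not loaded; call loadResourceDefine() first");
        }

        // HashMap iteration order is unspecified, so when several stored
        // patterns match the same URL the entry that wins is arbitrary.
        // NOTE(review): keep patterns non-overlapping or use an ordered map.
        for (Map.Entry<String, Collection<ConfigAttribute>> entry : current.entrySet()) {
            // UrlMatcher.pathMatchesUrl takes the stored pattern first and the
            // request URL second. The original passed them the other way
            // round, which only works for exact strings: a wildcard pattern
            // would never match and the URL would be treated as unmapped.
            if (urlMatcher.pathMatchesUrl(entry.getKey(), url)) {
                return entry.getValue();
            }
        }
        // Unmapped URL: the decision manager posted with this class grants
        // access when it receives null, so this path is fail-open.
        return null;
    }

    /** Accepts every secure-object type; no filtering is done here. */
    public boolean supports(Class<?> clazz) {
        return true;
    }

    /** No aggregate attribute list is provided; always returns {@code null}. */
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

}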
chaohua20 2011-01-10
上面 GamersAccessDecisionManager 里输出的一直是 ROLE_ANONYMOUS,一直登录不了。我的数据库里面是 role_user,在这里怎么变成了 ROLE_ANONYMOUS 了?
在自定义的拦截器里面我输出了role.getName()是==================================ROLE_USER==============
高手们能详细说说吗?我真的搞不懂了,初弄security出了好多问题了。只能发30分的帖子。全部分送上。
chaohua20 2011-01-10
确切的说是我一打开/index.jsp就会出现这个东西[ROLE_ANONYMOUS]这个是我自己输出的

//怎么这里输出这个是ROLE_ANONYMOUS
System.out.println(authentication.getAuthorities());

这个在资源认证器里面
chaohua20 2011-01-10
  • 打赏
  • 举报
回复
恩我第一次登陆就出现这个东西
chaohua20 2011-01-10
解决了,是这里的密码传错了: User user = new User(username,
"robin", true, true, true, true, listRoleToCollection(usertable.get(0).getRoles()));
一洽客服系统 2011-01-10
WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS 你有登录吗?
chaohua20 2011-01-10
Level: DEBUG
Time: 2011-01-10 00:59:39,281
Method: org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:191)
Message: Secure object: FilterInvocation: URL: /index.jsp; Attributes: [ROLE_USER]

Level: DEBUG
Time: 2011-01-10 00:59:39,281
Method: org.springframework.security.access.intercept.AbstractSecurityInterceptor.authenticateIfRequired(AbstractSecurityInterceptor.java:292)
Message: Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
Object:FilterInvocation: URL: /index.jsp
[ROLE_ANONYMOUS]
验证的时候出的信息
