81,122
社区成员
发帖
与我相关
我的任务
分享SpringBoot集成了SpringSecurity和freemarker,在freemarker页面上使用security标签
问个问题,现在用spring boot 集成了spring security和freemarker,然后想在freemarker的页面中使用security标签
页面是这样引用的
然后.tld文件放在了resources文件夹下
POM文件中引入了security-taglib的依赖
用main运行之后一直报错
freemarker.template.TemplateModelException: Error while loading tag library for URI "/security.tld" from TLD location "servletContext:/security.tld"; see cause exception.
...中间内容省略
Caused by: java.io.IOException: Resource not found: servletContext:/security.tld
2017-03-21 14:59:51.062 ERROR 8448 --- [nio-8080-exec-2] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is freemarker.template.TemplateModelException: Error while loading tag library for URI "/security.tld" from TLD location "servletContext:/security.tld"; see cause exception.
----
FTL stack trace ("~" means nesting-related):
- Failed at: #assign security = JspTaglibs["/secur... [in template "login.ftl" at line 2, column 1]
----] with root cause
有用点的信息就是
百度了好久,但是一直没能解决,哪位大神帮帮忙,谢谢
页面是这样引用的
然后.tld文件放在了resources文件夹下
POM文件中引入了security-taglib的依赖
用main运行之后一直报错
freemarker.template.TemplateModelException: Error while loading tag library for URI "/security.tld" from TLD location "servletContext:/security.tld"; see cause exception.
...中间内容省略
Caused by: java.io.IOException: Resource not found: servletContext:/security.tld
2017-03-21 14:59:51.062 ERROR 8448 --- [nio-8080-exec-2] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is freemarker.template.TemplateModelException: Error while loading tag library for URI "/security.tld" from TLD location "servletContext:/security.tld"; see cause exception.
----
FTL stack trace ("~" means nesting-related):
- Failed at: #assign security = JspTaglibs["/secur... [in template "login.ftl" at line 2, column 1]
----] with root cause
有用点的信息就是
百度了好久,但是一直没能解决,哪位大神帮帮忙,谢谢
...全文
请发表友善的回复…
发表回复
风雨诗轩 2018-04-12
- 打赏
- 举报
页面顶部加载<#assign security=JspTaglibs["http://www.springframework.org/security/tags"]/>
其次上面2楼和3楼回答的配置类也要写
在freemarker页面将你想用权限控制的元素用这个包裹<@security.authorize access='hasRole("ROLE_ADMIN")'> 一些div或按钮等其他元素</@security.authorize>
要注意spring security的版本,3.x和4.x的用法不一样,3.x用法为 <sec:authorize="hasRole('ROLE_USER')"></sec:authorize>,4.x用法为<sec:authorize access="hasRole('ROLE_USER')"></sec:authorize>
梁勇俊 2018-03-08
- 打赏
- 举报
在ftl文件头部加这行代码
<#assign sec=JspTaglibs["http://www.springframework.org/security/tags"]/>
<!DOCTYPE html>
<html lang="en">
新创建一个config包创建一个类
public class ClassPathTldsLoader {
/**
* 指定路径
*/
private static final String SECURITY_TLD = "/security.tld";
final private List<String> classPathTlds;
public ClassPathTldsLoader(String... classPathTlds) {
super();
if(ArrayUtils.isEmpty(classPathTlds)){
this.classPathTlds = Arrays.asList(SECURITY_TLD);
}else{
this.classPathTlds = Arrays.asList(classPathTlds);
}
}
@Autowired
private FreeMarkerConfigurer freeMarkerConfigurer;
@PostConstruct
public void loadClassPathTlds() {
freeMarkerConfigurer.getTaglibFactory().setClasspathTlds(classPathTlds);
}
}
在sprinboot配置类中加入以上类的bean
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)//开启基于方法的声明式权限控制
public class SecurityConfig extends WebSecurityConfigurerAdapter{
@Autowired
private UserDetailsService userDetailsService;
/**
* 认证信息管理
* @param auth
* @throws Exception
*/
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
auth.authenticationProvider(authenticationProvider());
}
@Autowired
private PasswordEncoder passwordEncoder;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(); // 使用 BCrypt 加密
}
//把用户信息与密码装置进去
@Bean
public AuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userDetailsService);
authenticationProvider.setPasswordEncoder(passwordEncoder); // 设置密码加密方式
return authenticationProvider;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/css/**","/js/**", "/fonts/**").permitAll() // 都可以访问
.and()
.authorizeRequests()
.antMatchers("/admins/**").hasRole("ADMIN")// 需要相应的角色才能访问
.and()
.formLogin() //基于 Form 表单登录验证
.loginPage("/login").failureUrl("/login-error"); // 自定义登录界面
}
@Bean
@ConditionalOnMissingBean(ClassPathTldsLoader.class)
public ClassPathTldsLoader classPathTldsLoader(){
return new ClassPathTldsLoader();
}
}
pom文件需要引入这三个包
<!--启用安全认证-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2.1-b03</version>
</dependency>
框架会自已找如果远程的http://www.springframework.org/security/tags加载不上会到指定的目录去找tld文件;
cheng_zhen 2017-06-26
- 打赏
- 举报
楼主,这个问题解决了吗,我也是这个问题。。。
qq_27961263 2017-05-09
- 打赏
- 举报
1. ftl的文件:
<#assign sec=JspTaglibs["http://www.springframework.org/security/tags"]/>
2.
pom.xml中添加依赖包:<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2.1-b03</version>
</dependency>
3.新建类 ClassPathTldsLoader 指定加载路径:
package com.finruntech.frt.fits.web.config;
import java.util.Arrays;
import java.util.List;
import javax.annotation.PostConstruct;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer;
/**
* freemaker spring.tld 加载路径
*/
public class ClassPathTldsLoader {
/**
* 指定路径
*/
private static final String SECURITY_TLD = "/META-INF/security.tld";
final private List<String> classPathTlds;
public ClassPathTldsLoader(String... classPathTlds) {
super();
if(ArrayUtils.isEmpty(classPathTlds)){
this.classPathTlds = Arrays.asList(SECURITY_TLD);
}else{
this.classPathTlds = Arrays.asList(classPathTlds);
}
}
@Autowired
private FreeMarkerConfigurer freeMarkerConfigurer;
@PostConstruct
public void loadClassPathTlds() {
freeMarkerConfigurer.getTaglibFactory().setClasspathTlds(classPathTlds);
}
}
4.在WebParameterConfig创建bean
package com.finruntech.frt.fits.web.config;
import com.finruntech.frt.fits.web.infra.authentication.ActiveUserWebArgumentResolver;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import java.util.List;
/**
* Configuration that letting Spring MVC controller be able to pickup ActiveUser as valid parameter, and fill in
* whatever needed for user authentication.
*/
@Configuration
public class WebParameterConfig extends WebMvcConfigurerAdapter {
@Override
public void addArgumentResolvers(List<HandlerMethodArgumentResolver > argumentResolvers) {
argumentResolvers.add(new ActiveUserWebArgumentResolver());
}
@Bean
@ConditionalOnMissingBean(ClassPathTldsLoader.class)
public ClassPathTldsLoader classPathTldsLoader(){
return new ClassPathTldsLoader();
}
}
