No se pudo evaluar la expresión 'hasRole (USUARIO)'

Others 2022-04-28 02:45:18 views: 0
Dr.Joe:

Quiero utilizar la seguridad de la primavera 5,3

configure en XML como esto

<http auto-config="true">
    <intercept-url pattern="/list" access="hasRole(USER)"/>
    <intercept-url pattern="/security" access="isAnonymous()"/>
    <http-basic />
    <form-login login-page="/security"
                  login-processing-url="/security"
                  default-target-url="/list"
                  authentication-failure-url="/security?error"
                  username-parameter="username"
                  password-parameter="password"/>

    <logout logout-success-url="/security?logout"/>
    <csrf disabled="true"/>
</http>

<authentication-manager>
    <authentication-provider>
        <user-service>
            <user name="user" password="$2a$10$BHjEcnhAgqRH0Vj6aPmGTOtQfYdx3PsvTWjsVxVBouiLTzGSLTSz2" authorities="USER"/>
        </user-service>
        <password-encoder ref="encoder" />
    </authentication-provider>
</authentication-manager>

<beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>

al iniciar sesión me sale este error:

java.lang.IllegalArgumentException: No se ha podido evaluar la expresión 'hasRole (USUARIO)' org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean (ExpressionUtils.java:30) org.springframework.security.web.access.expression.WebExpressionVoter. voto (WebExpressionVoter.java:52) org.springframework.security.web.access.expression.WebExpressionVoter.vote (WebExpressionVoter.java:33) org.springframework.security.access.vote.AffirmativeBased.decide (AffirmativeBased.java:63) org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation (AbstractSecurityInterceptor.java:233) org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke (FilterSecurityInterceptor.java:123) org.springframework.security.web. access.intercept.FilterSecurityInterceptor.doFilter (FilterSecurityInterceptor.java:90) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.access.ExceptionTranslationFilter.doFilter (ExceptionTranslationFilter.java:118) org.springframework.security.web. FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.session.SessionManagementFilter.doFilter (SessionManagementFilter.java:137) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java: 334) org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter (AnonymousAuthenticationFilter.java:111) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web. servletapi.SecurityContextHolderAwareRequestFilter.doFilter (SecurityContextHolderAwareRequestFilter.java:158) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter (RequestCacheAwareFilter.java:63) org. springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal (BasicAuthenticationFilter.java:155) org.springframework.web.filter.OncePerRequestFilter. doFilter (OncePerRequestFilter.java:119) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter (AbstractAuthenticationProcessingFilter.java:200) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter (LogoutFilter.java:116) $ org.springframework.security.web.FilterChainProxy VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter (HeaderWriterFilter.java:92) org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal (HeaderWriterFilter.java:77) org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:119) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.context.request. async.WebAsyncManagerIntegrationFilter.doFilterInternal (WebAsyncManagerIntegrationFilter.java:56) org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:119) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter ( SecurityContextPersistenceFilter.java:105) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security. web.FilterChainProxy.doFilter (FilterChainProxy.java:178) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java:358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)doFilter (OncePerRequestFilter.java:119) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter (SecurityContextPersistenceFilter.java:105) org. springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security.web.FilterChainProxy.doFilter (FilterChainProxy. java: 178) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java:358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)doFilter (OncePerRequestFilter.java:119) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter (SecurityContextPersistenceFilter.java:105) org. springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org.springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security.web.FilterChainProxy.doFilter (FilterChainProxy. java: 178) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java:358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)doFilter (FilterChainProxy.java:334) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter (SecurityContextPersistenceFilter.java:105) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org. springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security.web.FilterChainProxy.doFilter (FilterChainProxy.java:178) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java: 358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)doFilter (FilterChainProxy.java:334) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter (SecurityContextPersistenceFilter.java:105) org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter (FilterChainProxy.java:334) org. springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security.web.FilterChainProxy.doFilter (FilterChainProxy.java:178) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java: 358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)doFilter (FilterChainProxy.java:334) org.springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security.web.FilterChainProxy.doFilter (FilterChainProxy.java:178) org.springframework.web. filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java:358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)doFilter (FilterChainProxy.java:334) org.springframework.security.web.FilterChainProxy.doFilterInternal (FilterChainProxy.java:215) org.springframework.security.web.FilterChainProxy.doFilter (FilterChainProxy.java:178) org.springframework.web. filter.DelegatingFilterProxy.invokeDelegate (DelegatingFilterProxy.java:358) org.springframework.web.filter.DelegatingFilterProxy.doFilter (DelegatingFilterProxy.java:271)

Causa principal

org.springframework.expression.spel.SpelEvaluationException: EL1008E: Propiedad o en el campo 'usuario' no se pueden encontrar en objeto de tipo 'org.springframework.security.web.access.expression.WebSecurityExpressionRoot' - tal vez no pública o no válida? org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty (PropertyOrFieldReference.java:217) org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal (PropertyOrFieldReference.java:104) org.springframework.expression.spel.ast. PropertyOrFieldReference.getValueInternal (PropertyOrFieldReference.java:91) org.springframework.expression.spel.ast.MethodReference.getArguments (MethodReference.java:164) org.springframework.expression.spel.ast.MethodReference.getValueInternal (MethodReference.java:94) org.springframework.expression.spel.ast.SpelNodeImpl.

qué error en mi código?

Rando Shtishi:

org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'USER' cannot be found on object of type

Desde el error anterior se puede ver el problema es fácil de HTE que no está siendo reconocido desde el marco de seguridad de la primavera. Se han olvidado de añadir encerrar el usuario en ''.

El problema es con la expresión: <intercept-url pattern="/list" access="hasRole(USER)"/>. Reemplazarlo con <intercept-url pattern="/list" access="hasRole('USER')"/>y funcionará.

Supongo que te gusta

Origin http://43.154.161.224:23101/article/api/json?id=283926&siteId=1
Recomendado
Clasificación
Diario
Más
2024-05-18(30)
2024-05-17(4)
2024-05-16(22)
2024-05-15(5)
2024-05-14(10)
2024-05-13(7)
2024-05-12(22)
2024-05-11(31)
2024-05-10(32)
2024-05-09(31)

Code World

© 2018 codetd.com