私は春のセキュリティ5.3を使用したいです
このようなXMLで設定
<http auto-config="true">
<intercept-url pattern="/list" access="hasRole(USER)"/>
<intercept-url pattern="/security" access="isAnonymous()"/>
<http-basic />
<form-login login-page="/security"
login-processing-url="/security"
default-target-url="/list"
authentication-failure-url="/security?error"
username-parameter="username"
password-parameter="password"/>
<logout logout-success-url="/security?logout"/>
<csrf disabled="true"/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="$2a$10$BHjEcnhAgqRH0Vj6aPmGTOtQfYdx3PsvTWjsVxVBouiLTzGSLTSz2" authorities="USER"/>
</user-service>
<password-encoder ref="encoder" />
</authentication-provider>
</authentication-manager>
<beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
私がログインしたときに、私はこのエラーを取得します:
java.lang.IllegalArgumentExceptionが:式 'hasRoleも(USER)' org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean(ExpressionUtils.java:30)org.springframework.security.web.access.expression.WebExpressionVoterを評価するために失敗しました。投票(WebExpressionVoter.java:52)org.springframework.security.web.access.expression.WebExpressionVoter.vote(WebExpressionVoter.java:33)org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:63) org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)org.springframework.security.web。 access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)org.springframework.security.web。 FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java: 334)org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web。 servletapi.SecurityContextHolderAwareRequestFilter。doFilter(SecurityContextHolderAwareRequestFilter.java:158)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)ORG。 springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:155)org.springframework.web.filter.OncePerRequestFilter。 doFilter(OncePerRequestFilter.java:119)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)ORG。springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.context.request。 async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)ORG。springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter( SecurityContextPersistenceFilter.java:105)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security。 web.FilterChainProxy.doFilter(FilterChainProxy.java:178)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)doFilter(OncePerRequestFilter.java:119)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)ORG。 springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy。 Javaの:178)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)doFilter(OncePerRequestFilter.java:119)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)ORG。 springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy。 Javaの:178)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)doFilter(FilterChainProxy.java:334)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)ORG。 springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java: 358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)doFilter(FilterChainProxy.java:334)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)ORG。 springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java: 358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)doFilter(FilterChainProxy.java:334)org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)org.springframework.web。 filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)doFilter(FilterChainProxy.java:334)org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)org.springframework.web。 filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
根本的な原因
org.springframework.expression.spel.SpelEvaluationException:EL1008E:プロパティまたはフィールド「USERは」「org.springframework.security.web.access.expression.WebSecurityExpressionRoot」タイプのオブジェクト上で見つけることができません - 有効な多分公衆されていませんか?org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty(PropertyOrFieldReference.java:217)org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:104)org.springframework.expression.spel.ast。 PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:91)org.springframework.expression.spel.ast.MethodReference.getArguments(MethodReference.java:164)org.springframework.expression.spel.ast.MethodReference.getValueInternal(MethodReference.java:94) org.springframework.expression.spel.ast.SpelNodeImpl。
私のコードではどのようなエラー?
org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'USER' cannot be found on object of type
もし上記のエラーから、問題は春のセキュリティフレームワークから認識されていないHTE USERで見ることができます。あなたは「」でUSERを囲む追加することを忘れています。
問題は式であります:<intercept-url pattern="/list" access="hasRole(USER)"/>。それを元に戻して<intercept-url pattern="/list" access="hasRole('USER')"/>、それが動作します。