저는 스프링 보안이 처음이므로 web.xml 파일에 DelegatingFilterProxy Spring 보안 필터를 설정했습니다. 제한된 페이지 나 디렉토리가없는 경우 CAS 인증을 사용하여 스프링 보안 필터를 설정하려고합니다. 각 웹 페이지에는 보호 된 (로그인 한 상태로 볼 수 있음) 섹션과 보호되지 않은 (익명) 섹션이 있으며 페이지 맨 위에 로그인 링크 (CAS 원격 서버에 있음)가 있습니다. 나는 심각한 점점 오전 : authenticationUserDetailsService에 의한 오류 listenerStart를 설정해야합니다 오류 나는 봄 봄 보안 + CAS를 구현하기 전에 잘 작동 3.0 MVC + (Tomcat6 + apache2.2 + jk_module) 웹 응용 프로그램을 사용하고authenticationUserDetails CAS가 포함 된 스프링 보안 필터를 사용하는 서비스 오류
을
감사합니다, MK
오류
org.apache.catalina.core.StandardContext listenerStart
SEVERE: Exception sending context initialized event
to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'casFilter' defined in ServletContext resource [/WEB-INF/service-context.xml]:
Cannot resolve reference to bean 'authManager' while setting bean property 'authenticationManager';
nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name
'org.springframework.security.authenticationManager': Cannot resolve reference to bean 'casAuthProvider' while setting bean property 'providers'
with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'casAuthProvider' defined in ServletContext resource [/WEB-INF/service-context.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: An authenticationUserDetailsService must be set
은 web.xml :
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/service-context.xml
/WEB-INF/security-context.xml
</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<!-- Spring Security filter Configuration -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/dispatcher-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
보안-context.xml에
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http entry-point-ref="casEntryPoint" use-expressions="true">
<intercept-url pattern="/" access="permitAll"/>
<custom-filter ref="casFilter" position="CAS_FILTER" />
<logout logout-success-url="https://remote-cas.com/cas/logout"/>
</http>
<authentication-manager alias="authManager">
<authentication-provider ref="casAuthProvider" />
</authentication-manager>
</beans:beans>
및 serivce-context.xml에
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-3.0.xsd">
<!-- for security CAS -->
<bean id="serviceProperties" lass="org.springframework.security.cas.ServiceProperties">
<property name="service" value="http://localhost/myapp/index.jsp"/>
<property name="sendRenew" value="false"/>
</bean>
<bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="https://remote-cas.com/cas/login"/>
<property name="serviceProperties" ref="serviceProperties"/>
</bean>
<bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authManager"/>
<property name="authenticationSuccessHandler">
<bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" />
</property>
</bean>
<bean id="casAuthProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="ticketValidator" ref="ticketValidator"/>
<property name="serviceProperties" ref="serviceProperties"/>
</bean>
<bean id="ticketValidator" class="org.jasig.cas.client.validation.Saml11TicketValidator">
<constructor-arg value="https://localhost/myapp/index.jsp" />
<property name="encoding" value="utf8" />
</bean>
'CaseAuthenticationProvider'에는'key '라는 또 다른 필수 속성이 있다고 생각합니다.이 속성은 공급자에 대해 고유 한 문자열로 설정됩니다. 또한 샘플 응용 프로그램 - 및 [CAS docs] (http://docs.spring.io/spring-security/site/docs/3.0.x/reference/cas.html) –
올바르게 이해하면 CAS 서비스 공급자 (원격 서버)에서 사용자 서비스 속성을 가져옵니다. 내가 맞습니까? – user3273391
무슨 뜻인지 확실하지 않습니다. 'UserDetailsService'의 목적은 주로 각 사용자 이름에 대한 관련 응용 프로그램 역할을 제공하기 위해서입니다. –