2
Virgo 3.6.0.M03에서 Spring Security 3.1.3을 사용하여 간단한 예제를 만들려고합니다. 예 3 개 다발로 구성스프링 보안 및 OSGi
보안 번들 구성 및 보안하여 HelloWorld 방법을 게시의 AuthenticationManager
<security:authentication-manager id="authenticationManager"> <security:authentication-provider> <security:user-service> <security:user name="Rigas" password="password" authorities="ROLE_MEMBER"/> </security:user-service> </security:authentication-provider> </security:authentication-manager> <service id="authenticationManagerOsgi" ref="authenticationManager" interface="org.springframework.security.authentication.AuthenticationManager"/>helloSecurity 번들을 발행한다. 그것은 AuthenticationManager를 참조하고 그것을 global-method-security에 주입합니다. helloSecurity IF를 참조하여 보안하여 HelloWorld 메서드를 호출
<security:global-method-security secured-annotations="enabled" authentication-manager-ref="authenticationManager"/> <reference id="authenticationManager" availability="mandatory" interface="org.springframework.security.authentication.AuthenticationManager"/> <service id="helloSpringSecurityOsgi" ref="helloSpringSecurity" interface="net.ansible.examples.hellospringsecurity.HelloSpringSecurity" />helloSecurityConsumer 번들.
<reference id="helloSpringSecurity" availability="mandatory" interface="net.ansible.examples.hellospringsecurity.HelloSpringSecurity"/>
번들 statup 및 배선 작업이 제대로 만 helloSecurityConsumer는 다음과 같은 예외가 발생하는 보안 메소드를 호출하면 :
Failed to call secure method org.springframework.beans.factory.BeanNotOfRequiredTypeException: Bean named 'authenticationManager' must be of type [org.springframework.security.authentication.ProviderManager], but was actually of type [$Proxy94]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:360)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
at org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser$AuthenticationManagerDelegator.authenticate(GlobalMethodSecurityBeanDefinitionParser.java:386)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.authenticateIfRequired(AbstractSecurityInterceptor.java:316)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:202)
at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
at net.ansible.examples.hellospringsecurity.impl.HelloSpringSecurityImpl$$EnhancerByCGLIB$$99e49c75.sayHello(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:319)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy95.sayHello(Unknown Source)
at net.ansible.examples.hellospringsecurityconsumer.impl.HelloSpringSecurityConsumerImpl$MyRunnable.run(HelloSpringSecurityConsumerImpl.java:50)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRunAndReset(Unknown Source)
at java.util.concurrent.FutureTask.runAndReset(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.runPeriodic(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
GlobalMethodSecurityBeanDefinitionParser 참조 된 AuthenticationManager에 사용을 시도하고 변환에 문제가 ProviderManager에 대한 OSGi 조정에 대한 프록시. 디버깅은 Proxy (a jdkDynamicAopProxy)가 실제로 ProviderManager 클래스 주위의 프록시이고 모든 관련 인터페이스가 있음을 보여줍니다. 내가 수행하려고하는 작업을 수행하기위한 구성이 있습니까?
얼마 전에 버그 보고서를 열어 보았는데 비슷한 문제가있었습니다. https://jira.springsource.org/browse/SEC-1842 (http://forum.springsource.org/showthread. php? 116363). 우리는 또한 AuthenticationManager 구현 대신에 ProviderManager 인스턴스가 예상되는 문제에 부딪혔다. 따라서 코드에는 AuthenticationManager 대신 ProviderManager가 사용되는 다른 위치가있을 수 있습니다. – James
당신 말이 맞아요. GlobalMethodSecurityBeanDefinitionParser를 패치하면 모든 것이 제대로 작동합니다. –