gpt4 book ai didi

spring-security - Spring 安全和 OSGi

转载 作者:行者123 更新时间:2023-12-01 12:49:13 28 4
gpt4 key购买 nike

我正在尝试在 Virgo 3.6.0.M03 上使用 Spring Security 3.1.3 创建一个简单示例。该示例包含 3 个包:

  • 配置和发布 AuthenticationManager 的安全包

    <security:authentication-manager id="authenticationManager">
    <security:authentication-provider>
    <security:user-service>
    <security:user name="Rigas" password="password" authorities="ROLE_MEMBER"/>
    </security:user-service>
    </security:authentication-provider>
    </security:authentication-manager>
    <service id="authenticationManagerOsgi" ref="authenticationManager" interface="org.springframework.security.authentication.AuthenticationManager"/>
  • 发布安全 helloWorld 方法的 helloSecurity 包。它引用 AuthenticationManager 并将其注入(inject) global-method-security。

    <security:global-method-security secured-annotations="enabled" authentication-manager-ref="authenticationManager"/>
    <reference id="authenticationManager" availability="mandatory" interface="org.springframework.security.authentication.AuthenticationManager"/>
    <service id="helloSpringSecurityOsgi" ref="helloSpringSecurity" interface="net.ansible.examples.hellospringsecurity.HelloSpringSecurity" />
  • helloSecurityConsumer 包引用 helloSecurity IF 并调用安全的 helloWorld 方法。

    <reference id="helloSpringSecurity" availability="mandatory" interface="net.ansible.examples.hellospringsecurity.HelloSpringSecurity"/>

Bundle statup 和 wiring 工作正常,但是一旦 helloSecurityConsumer 调用安全方法,就会抛出以下异常:

Failed to call secure method org.springframework.beans.factory.BeanNotOfRequiredTypeException: Bean named 'authenticationManager' must be of type [org.springframework.security.authentication.ProviderManager], but was actually of type [$Proxy94]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:360)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
at org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser$AuthenticationManagerDelegator.authenticate(GlobalMethodSecurityBeanDefinitionParser.java:386)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.authenticateIfRequired(AbstractSecurityInterceptor.java:316)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:202)
at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
at net.ansible.examples.hellospringsecurity.impl.HelloSpringSecurityImpl$$EnhancerByCGLIB$$99e49c75.sayHello(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:319)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy95.sayHello(Unknown Source)
at net.ansible.examples.hellospringsecurityconsumer.impl.HelloSpringSecurityConsumerImpl$MyRunnable.run(HelloSpringSecurityConsumerImpl.java:50)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRunAndReset(Unknown Source)
at java.util.concurrent.FutureTask.runAndReset(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.runPeriodic(Unknown Source)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

GlobalMethodSecurityBeanDefinitionParser 尝试使用引用的 AuthenticationManager,但在将 OSGi 引用周围的 Proxy 转换为 ProviderManager 时出现问题。调试显示 Proxy(一个 jdkDynamicAopProxy)确实是围绕 ProviderManager 类的代理,并且具有所有相关接口(interface)。是否有工作配置来实现我正在尝试做的事情?

最佳答案

这对我来说像是一个错误。文件第 386 行 GlobalMethodSecurityBeanDefinitionParser.java引发错误的是

delegate = beanFactory.getBean(authMgrBean, ProviderManager.class);

它向 bean 工厂请求一个具有具体实现 ProviderManager 的 bean,但它应该只请求一个具有接口(interface) AuthenticationManager 的 bean,例如:

delegate = beanFactory.getBean(authMgrBean, AuthenticationManager.class);

您可能想在 Spring Security's Jira 中提出问题.

顺便说一句:我们还将 authenticationManager 导出为 OSGI 服务,并在其他包中使用它,效果非常好。

关于spring-security - Spring 安全和 OSGi,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/13612498/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com