zhanjia
- 浏览: 401021 次
- 性别:
- 来自: 广州
-
文章分类
最新评论
-
xxbb77:
说的有点道理
保持好奇心,把时间花在刀刃上 -
JavaAiHaoZhezh:
有时候需要学会放手,别让自己太劳累 -
1011729483:
你好:楼主我想请问一下刚开始你访问项目进去login.jsp页 ...
菜鸟-手把手教你把Acegi应用到实际项目中(2) -
zhglance:
很赞,胜过好多出版物
程序员必备:Linux日常维护命令 -
zizhi9999:
为什么我的总是说timeout呢 很急 啊
利用SNMP获取、走访节点值
这一节我们将要了解的是AnonymousProcessingFilter、RememberMeProcessingFilter和LogoutFilter三个过滤器。
1、AnonymousProcessingFilter
在大部分企业应用中,存在许多不需要用户登录就可以访问的资源,比如登录页面、退出页面、主页等。鉴于此,Acegi提供了匿名认证服务。这样能够使所有的Web资源得到保护,而不是某些资源不设权限控制,让任何人都可以访问,这样整个Acegi使能应用的Web安全策略模型将非常完美。与此同时,SecurityContextHolder(SecurityContext)将始终持有Authentication对象,因此代码的健壮性、可读性也将得到增强。
AnonymousProcessingFilter,该过滤器是用来对匿名用户的处理。如果用户尚未登录,将生成一个匿名用户的Authentication存放到ContextHolder中。即当不存在任何授权信息时,自动为Authentication对象添加userAttribute中定义的匿名用户权限。
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> <property name="key" value="changeThis" /> <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS" /> </bean>
说明:
l key:用于指定用户的名称,其实这个属性指定的值只是一个简单的标识符,可以自己取值。
l userAttribute:用于指定匿名用户的密码(anonymousUser)、权限信息(ROLE_ANONYMOUS)和启用状态(enabled/disabled),这里anonymousUser实际上是用户名。
另外,和AuthenticationProcessingFilter的一样,AnonymousProcessingFilter也有自己的AuthenticationProvider,即AnonymousProcessingFilter。
<bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="changeThis" /> </bean>
此处的key一般与AnonymousProcessingFilter中的key保持一致,用于保证Authentication对象的真实性,当然这只是Acegi内部的一个设计细节,开发者直接提供自身的key属性取值即可。同样将该Provider加到authenticationManager的providers属性列表中。(个人发现,如果不提供AnonymousAuthenticationProvider,同样能实现匿名认证的功能,或者key不相同也没影响,这一点本人暂时不太明白,如果有谁清楚的请留言给我,谢谢^_^)
2、RememberMeProcessingFilter
该Filter会在用户登录后,在本地机器上记录用户cookies信息,这样下次访问就不用再登录了。它还负责对所有HTTP请求进行拦截,当发现SecurityContextHolder中没有包含有效的Authentication对象时,自动调用RememberMeServices#autoLogin()方法从Cookie中获取用户名/密码的编码串进行自动登录,所以rememberMeProcessingFilter首先要注入一个RememberMeServices Bean。
rememberMeProcessingFilter通过rememberMeServices获取对应Cookie中用户的UserDetails后,就必须进行用户身份认证。这项工作依然委托给authenticationManager完成,所以我们给rememberMeProcessingFilter注入了authenticationManager Bean。
authenticationManager如何对基于Cookie的用户凭证进行认证呢?显然,不能采用原来的daoAuthenticationProvider所用的方法,因为Cookie所提供用户凭证和登录表单提供的用户凭证在格式上存在很大的差异。基于Remember-Me的用户名/密码信息是经过特殊编码的字符串,Acegi通过RememberMeAuthenticationProvider负责对基于Cookie的用户凭证信息进行认证。所以你必须将该认证提供者添加到authenticationManager中。
<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="rememberMeServices" ref="rememberMeServices" /><!-- 增加 --> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider" /> <!-- 增加 --> <bean class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="changeThis" /> </bean> <!-- 增加 --> <bean class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <property name="key" value="foobar" /><!-- key必须和rememberMeServices中的key一致 --> </bean> </list> </property> </bean> <!-- 增加, 默认tokenValiditySeconds = 1209600L, 即保留两周 --> <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> <property name="userDetailsService" ref="inMemDaoImpl" /> <!-- cookie中的键值, 防止保存到客户端的cookie中的加密串被恶意篡改 --> <property name="key" value="foobar" /> <!-- cookie有效时间, 单位为秒, 这里设定为5天内不用再登陆 --> <property name="tokenValiditySeconds" value="432000" /> </bean> 另外,必须在AuthenticationProcessingFilter中加入rememberMeServices。这样,当用户勾选了记住密码并登录后,rememberMeServices会将用户信息保存到Cookie中 <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> …… <property name="rememberMeServices" ref="rememberMeServices" /><!-- 增加, 可别忘了此处 --> </bean>
3、LogoutFilter
该Filter负责处理退出登录后所需要的清理工作。包括:
1) 销毁session
2) 清空 ContextHolder
3) 把rememberMeServices从cookies中清除掉
4) 最后重定向到指定的退出登陆页面。
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout 退出页面url -->
<constructor-arg>
<list>
<ref bean="rememberMeServices"/><!-- 用于清空cookies -->
<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
最后,请注意,Acegi默认的自动登陆设定参数名为_acegi_security_remember_me,注销链接为/j_acegi_logout。
登录时,在页面添加以下代码:
<input type="checkbox" name="_acegi_security_remember_me">
退出时,在页面添加以下代码:
<a href="<%=request.getContextPath() %>/j_acegi_logout">Logout</a>
开发环境:
MyEclipse 5.0GA
Eclipse3.2.1
JDK1.5.0_10
tomcat5.5.23
acegi-security-1.0.7
Spring2.0
Jar包:
acegi-security-1.0.7.jar
Spring.jar
commons-codec.jar
jstl.jar (1.1版)
standard.jar
- 例子源码Acegi2.rar (7.6 KB)
- 下载次数: 597
分享到:
评论
12 楼
iloveyoo
2010-07-02
楼主这里acegi介绍的挺全面,通俗易懂,acegi里面还有一个acl的控制,能够控制用户访问部分数据,如用户A只能访问一部分订单,用户B只能访问另一部分订单,这个也补充上就更全面。mail:ma_yaling1013@hotmail.com
11 楼
iloveyoo
2010-07-01
lz,正在学习acegi,这里有点疑问,rembermefilter是为了保持cookie多长时间内不失效,下次不用再登陆,如例子5天;而LogoutFilter又在退出时清空cookie是否矛盾呢?mail:ma_yaling1013@hotmail.com
10 楼
javaliver
2010-05-28
用户验证成功后访问/authenticate/index.jsp 没有问题
没有验证直接访问/authenticate/index.jsp 报如下问题新手
org.acegisecurity.AccessDeniedException: Access is denied
at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:285)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:104)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:72)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:106)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:229)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:148)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
没有验证直接访问/authenticate/index.jsp 报如下问题新手
org.acegisecurity.AccessDeniedException: Access is denied
at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:285)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:104)
at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:72)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:106)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:229)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:148)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
9 楼
adamzzww
2009-07-28
http://localhost:8080/Acegi2/authenticate/index.jsp
网上搜的,加个spring-webmvc看看,我的可以了。希望楼主,发个原配JAR,或者有空跟新下版本?
PS:初学,比较麻烦,看了LZ的连载,很有收获。谢谢..
windywindy 写道
严重: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: org/springframework/web/bind/RequestUtils
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.rememberMeRequested(TokenBasedRememberMeServices.java:360)
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loginSuccess(TokenBasedRememberMeServices.java:366)
at org.acegisecurity.ui.AbstractProcessingFilter.successfulAuthentication(AbstractProcessingFilter.java:488)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:266)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source
登陆时报这个错误!
我用的spring的包和前面2个工程一样的!spring-framework-2.5.6
java.lang.NoClassDefFoundError: org/springframework/web/bind/RequestUtils
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.rememberMeRequested(TokenBasedRememberMeServices.java:360)
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loginSuccess(TokenBasedRememberMeServices.java:366)
at org.acegisecurity.ui.AbstractProcessingFilter.successfulAuthentication(AbstractProcessingFilter.java:488)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:266)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source
登陆时报这个错误!
我用的spring的包和前面2个工程一样的!spring-framework-2.5.6
网上搜的,加个spring-webmvc看看,我的可以了。希望楼主,发个原配JAR,或者有空跟新下版本?
PS:初学,比较麻烦,看了LZ的连载,很有收获。谢谢..
8 楼
windywindy
2009-07-28
1、AnonymousProcessingFilter
在大部分企业应用中,存在许多不需要用户登录就可以访问的资源,比如登录页面、退出页面、主页等。鉴于此,Acegi提供了匿名认证服务。这样能够使所有的Web资源得到保护,而不是某些资源不设权限控制,让任何人都可以访问,这样整个Acegi使能应用的Web安全策略模型将非常完美。与此同时,SecurityContextHolder(SecurityContext)将始终持有Authentication对象,因此代码的健壮性、可读性也将得到增强。
AnonymousProcessingFilter,该过滤器是用来对匿名用户的处理。如果用户尚未登录,将生成一个匿名用户的Authentication存放到ContextHolder中。即当不存在任何授权信息时,自动为Authentication对象添加userAttribute中定义的匿名用户权限。
Xml代码
windywindy 写道
严重: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: org/springframework/web/bind/RequestUtils
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.rememberMeRequested(TokenBasedRememberMeServices.java:360)
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loginSuccess(TokenBasedRememberMeServices.java:366)
at org.acegisecurity.ui.AbstractProcessingFilter.successfulAuthentication(AbstractProcessingFilter.java:488)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:266)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source
登陆时报这个错误!
我用的spring的包和前面2个工程一样的!spring-framework-2.5.6
java.lang.NoClassDefFoundError: org/springframework/web/bind/RequestUtils
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.rememberMeRequested(TokenBasedRememberMeServices.java:360)
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loginSuccess(TokenBasedRememberMeServices.java:366)
at org.acegisecurity.ui.AbstractProcessingFilter.successfulAuthentication(AbstractProcessingFilter.java:488)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:266)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source
登陆时报这个错误!
我用的spring的包和前面2个工程一样的!spring-framework-2.5.6
原来spring2.5把2.1中有的org.springframework.web.bind包去掉了,郁闷,高版本反而不兼容!
7 楼
windywindy
2009-07-27
严重: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: org/springframework/web/bind/RequestUtils
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.rememberMeRequested(TokenBasedRememberMeServices.java:360)
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loginSuccess(TokenBasedRememberMeServices.java:366)
at org.acegisecurity.ui.AbstractProcessingFilter.successfulAuthentication(AbstractProcessingFilter.java:488)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:266)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source
登陆时报这个错误!
我用的spring的包和前面2个工程一样的!spring-framework-2.5.6
java.lang.NoClassDefFoundError: org/springframework/web/bind/RequestUtils
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.rememberMeRequested(TokenBasedRememberMeServices.java:360)
at org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loginSuccess(TokenBasedRememberMeServices.java:366)
at org.acegisecurity.ui.AbstractProcessingFilter.successfulAuthentication(AbstractProcessingFilter.java:488)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:266)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.ui.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:275)
at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:149)
at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:98)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source
登陆时报这个错误!
我用的spring的包和前面2个工程一样的!spring-framework-2.5.6
6 楼
major361
2009-04-02
ikon 写道
RememberMeProcessingFilter 不起作用
你是不是没有勾选
<checkbox name="_j_acegi_remember_me" />
5 楼
20244806
2009-03-13
@ikon
你看到RememberMeProcessingFilter 不起作用的原因,估计是你的web.xml里面那个welcome-file-list配置的是login.jsp这个页面
你看到RememberMeProcessingFilter 不起作用的原因,估计是你的web.xml里面那个welcome-file-list配置的是login.jsp这个页面
4 楼
zhanjia
2008-11-07
ikon 写道
RememberMeProcessingFilter 不起作用
这位朋友, 我刚测试过是可以的.
登录时选中:五天内不用登录
关闭浏览器后, 直接输入:http://localhost:8080/Acegi2/authenticate/index.jsp可以访问而不用登录
3 楼
ikon
2008-11-07
RememberMeProcessingFilter 不起作用
2 楼
ikon
2008-11-07
自动登陆是不可以的
1 楼
zhanjia
2008-10-20
我要重新编辑字体,因为字体太难看,但一编辑那些用HTML、XML嵌入的代码又得重新做一次,好麻烦,不然就乱了
熟悉javaeye的朋友请教一教我,谢谢了!
熟悉javaeye的朋友请教一教我,谢谢了!
发表评论
-
菜鸟-手把手教你把Acegi应用到实际项目中(12)-Run-As认证服务
2008-11-25 18:00 4650有这样一些场合,系统用户必须以其他角色身份去操作某 ... -
菜鸟-手把手教你把Acegi应用到实际项目中(11)-切换用户
2008-11-15 23:48 4260在某些应用场合中,我们可能需要用到切换用户的功能, ... -
菜鸟-手把手教你把Acegi应用到实际项目中(10)-保护业务方法
2008-11-09 00:35 4476前面已经讲过关于保护Web资源的方式,其中包括直接 ... -
菜鸟-教你把Acegi应用到实际项目(9)-实现FilterInvocationDefinition
2008-11-02 11:34 7869在实际应用中 ... -
菜鸟-手把手教你把Acegi应用到实际项目中(8)-扩展UserDetailsService接口
2008-10-29 13:04 13222一个能为DaoAuthenticationProv ... -
菜鸟-手把手教你把Acegi应用到实际项目中(7)-缓存用户信息
2008-10-28 21:52 4518首先讲讲EhCache ... -
菜鸟-手把手教你把Acegi应用到实际项目中(6)
2008-10-26 22:51 5954在企业应用中,用户的用户名、密码和角色等信 ... -
菜鸟-手把手教你把Acegi应用到实际项目中(5)
2008-10-25 22:00 7422在实际企业应用中,用户密码一般都会进行加密处理,这样才 ... -
菜鸟-手把手教你把Acegi应用到实际项目中(4)
2008-10-23 22:27 7667今天就讲个ConcurrentSessionFilte ... -
菜鸟-手把手教你把Acegi应用到实际项目中(2)
2008-10-16 23:16 7259上一篇是基于BasicProcessingFil ... -
菜鸟-手把手教你把Acegi应用到实际项目中(1.2)
2008-10-16 02:20 77777) daoAuthenticationProvider 进 ... -
菜鸟-手把手教你把Acegi应用到实际项目中(1.1)
2008-10-16 02:13 10743相信不少朋友们对于学 ...
相关推荐
本教程将引导初学者逐步了解如何在实际项目中应用Acegi安全框架,以便为你的Web应用提供强大的身份验证和授权功能。 首先,让我们理解Acegi的基础概念。Acegi的核心组件包括SecurityContext、Authentication和...
在本文中,我们将深入理解如何将Acegi应用到实际项目中,特别关注其核心配置——web.xml中的过滤器设置和Acegi安全文件的配置。 首先,我们来看web.xml中的过滤器配置: 1. **FilterToBeanProxy**:Acegi通过...
在使用这个压缩包时,首先需要将其解压,然后将`acegi-security-tiger-1.0.0-RC2.jar`添加到项目的类路径中。如果项目是基于Spring的,需要在配置文件中启用Acegi Security,并根据应用需求配置相应的安全策略。同时...
包含acegi-security-1.0.7.jar,acegi-security-1.0.7-sources.jar,acegi-security-cas-1.0.7.jar,acegi-security-cas-1.0.7-sources.jar,acegi-security-catalina-1.0.7.jar,acegi-security-catalina-1.0.7-...
这个"acegi-sample.rar_acegi"项目提供了一个详细的示例,帮助开发者理解并应用Acegi框架的核心功能。下面我们将深入探讨Acegi的主要特性及其在实际开发中的应用。 1. **认证与授权**: Acegi框架的核心是它对用户...
通过学习Acegi,我们可以了解到Web应用安全的基本思路和实践方法,这对于理解现代的Spring Security框架非常有帮助。虽然Acegi已经不再更新,但它的理念和架构仍对现代安全框架设计产生深远影响。
acegi-security 1.0.2.jar
Acegi是一个专门为SpringFramework提供安全机制的项目,全称为Acegi Security System for Spring.
这个压缩包中的"acegi-sample"部分可能包含了一个示例项目,展示了如何在实际应用中配置和使用Acegi Security。而"spring-1.2.4.jar"则是Spring框架的一个较旧版本,表明Acegi Security是在Spring 1.x时代设计的,那...
acegi-security-0.8.3驱动程序
在本教程中,作者旨在帮助那些在学习Acegi过程中遇到困难的开发者,通过一步步的指导,使他们能够成功地将Acegi集成到实际项目中,并理解其核心配置和工作原理。 首先,Acegi的配置是其难点之一,因为涉及许多不同...
这篇博客将深入解析一个配置了Acegi Security的`applicationContext-acegi-security.xml`文件,帮助我们理解如何将LDAP与Acegi集成以实现更安全的Web应用。 **LDAP基础** LDAP是一种标准的网络协议,用于存储和...
标题“spring的acegi应用”指的是在Spring框架中使用Acegi安全模块进行权限管理和用户认证的一个主题。Acegi是Spring早期的一个安全组件,后来发展成为Spring Security,是Spring生态系统中的重要部分,用于提供全面...
- 首先,我们需要在 Acegi 安全配置文件(例如 `acegi-context-cas.xml`)中引入 CAS 客户端的相关依赖。这通常包括添加 CAS 的过滤器,如 `CasAuthenticationFilter` 和 `CasValidationFilter`,以及 `...
它在Spring框架的基础上构建了一套完整的安全解决方案,使开发者能够方便地集成到自己的应用中,确保用户访问权限的有效控制和数据安全。 Acegi Security 1.0.7是该组件的一个稳定版本,其核心功能包括身份验证、...
"acegi-security-0.6.1.jar"是Acegi Security的主库文件,包含了所有必要的类和资源,使得开发者能够将安全功能集成到他们的Spring应用中。这个JAR文件可以被添加到应用的类路径中,以便在运行时加载和使用Acegi ...