Spring- Security :java.lang.NoClassDefFoundError: org/springframework/security/context/DelegatingApp
Posted
技术标签:
【中文标题】Spring- Security :java.lang.NoClassDefFoundError: org/springframework/security/context/DelegatingApplicationListener【英文标题】: 【发布时间】:2015-10-14 00:40:41 【问题描述】:我正在将 Spring-Security 版本从 3.2.5 升级到 4.0.1。不幸的是,我偶然发现了一个障碍,我将感谢您的帮助。我正在发布错误日志、securityApplicationContext.xml 和 pom.xml。请看一看。
错误日志:
javax.servlet.ServletException: java.lang.NoSuchMethodError: org.springframework.security.web.access.expression.WebSecurityExpressionRoot.setDefaultRolePrefix(Ljava/lang/String;)V
org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:916)
org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:845)
org.apache.jsp.WEB_002dINF.views.common.footer_jsp._jspService(footer_jsp.java:231)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
SecurityApplicationContext.xml:
<security:http pattern="/resources/**" security="none"/>
<security:http create-session="ifRequired" use-expressions="true" auto-config="false" disable-url-rewriting="true">
<security:form-login login-page="/login" login-processing-url="/j_spring_security_check" default-target-url="/dashboard" always-use-default-target="false" authentication-failure-url="/denied" />
<security:remember-me key="_spring_security_remember_me" user-service-ref="userDetailsService" token-validity-seconds="1209600" data-source-ref="dataSource"/>
<security:logout delete-cookies="JSESSIONID" invalidate-session="true" logout-url="/j_spring_security_logout"/>
<!-- <security:intercept-url pattern="/**" requires-channel="https"/> -->
<security:port-mappings>
<security:port-mapping http="8080" https="8443"/>
</security:port-mappings>
<security:logout logout-url="/logout" logout-success-url="/" success-handler-ref="myLogoutHandler"/>
<security:session-management session-fixation-protection="migrateSession">
<security:concurrency-control session-registry-ref="sessionRegistry" max-sessions="5" expired-url="/login"/>
</security:session-management>
</security:http>
<beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices">
<beans:constructor-arg index="0" value="_spring_security_remember_me"/>
<beans:constructor-arg index="1" ref="userDetailsService"/>
<beans:constructor-arg index="2" ref="jdbcTokenRepository"/>
<property name="alwaysRemember" value="true"/>
</beans:bean>
<!--Database management for remember-me -->
<beans:bean id="jdbcTokenRepository"
class="org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl">
<beans:property name="createTableOnStartup" value="false"/>
<beans:property name="dataSource" ref="dataSource" />
</beans:bean>
<!-- Remember me ends here -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="LoginServiceImpl">
<security:password-encoder ref="encoder"/>
</security:authentication-provider>
</security:authentication-manager>
<beans:bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
<beans:constructor-arg name="strength" value="11" />
</beans:bean>
<beans:bean id="daoAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="LoginServiceImpl"/>
<beans:property name="passwordEncoder" ref="encoder"/>
</beans:bean>
</beans>
还有 POM.xml :
<packaging>war</packaging>
<properties>
<java-version>1.8</java-version>
<org.springframework-version>4.0.6.RELEASE</org.springframework-version>
<org.aspectj-version>1.7.4</org.aspectj-version>
<org.slf4j-version>1.7.5</org.slf4j-version>
<hibernate.version>4.3.9.Final</hibernate.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<springsecurity.version>4.0.1.RELEASE</springsecurity.version>
</properties>
<dependencies>
<!-- Spring Mobile dependencies -->
<dependency>
<groupId>org.springframework.mobile</groupId>
<artifactId>spring-mobile-device</artifactId>
<version>1.1.3.RELEASE</version>
</dependency>
<!-- Spring mobile ends here -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>$org.springframework-version</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>$org.springframework-version</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>$org.springframework-version</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>$org.springframework-version</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>$org.springframework-version</version>
</dependency>
<!-- Spring security dependenciey -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>$springsecurity.version</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>$springsecurity.version</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>$springsecurity.version</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
如果还有什么需要,请告诉我。非常感谢。 :-)
【问题讨论】:
@smoggers 回答你之后,(他应该得到信任),现在是一个不同的问题。但是,“NoSuchMethodError” - 它是 Spring 的混合版本。确保你的类路径中有正确的版本...... @OhadR :一旦烟雾者发布答案,我就会这样做。关于混合版本,我在顶部声明版本并在整个过程中使用它们。你能看看 pom.xml。谢谢.. 我刚刚添加了一个 spring-security-core 依赖项。谢谢。 新的错误消息与 @OhadR 建议的 spring 和 spring-security 之间的不兼容版本有关,我认为使用添加这些安全包将解决问题。更重要的是,弹簧芯应该在那里。
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>5.2.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>5.2.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>5.2.1.RELEASE</version>
</dependency>
【讨论】:
【参考方案2】:首先,您还需要 pom.xml 中的 spring-security-core 依赖项。
其次,您收到的错误消息与 Spring 和 Spring-Security 之间的不兼容版本有关。我想使用
<org.springframework-version>4.0.6.RELEASE</org.springframework-version> 和 <springsecurity.version>4.0.1.RELEASE</springsecurity.version>
正如您目前所拥有的那样可以正常工作,但后来我注意到Spring-Security documentation 中关于迁移到 Spring-Security 4 的这一行:
“Spring Security 4 现在需要 Spring 4。这意味着你的第一步 是更新到 Spring 4.1.x。”
我的配置也使用 Spring 版本 4.1.1.RELEASE 并且与 Spring-Security 配合良好。
因此,我认为最好的办法是将<org.springframework-version> 升级到4.1 或更高版本。
【讨论】:
好吧,就一件小事,你能帮我解决一下吗,那就这样了。用户现在无法登录,因为传递的凭据为空,它之前使用 Spring-security 的 3.2.5。这是日志:pastebin.com/7XMrTdWW 我在工作,所以我会在可以的时候看看,如果它很紧急,那么最好作为一个新问题发布 不急,因为我们正在升级spring-security,但我还有其他任务.. :D 有时间请看一下。非常感谢... :-) 已解决.... 显然,Spring-security 4.X 需要将 j_username 迁移到用户名和密码。以上是关于Spring- Security :java.lang.NoClassDefFoundError: org/springframework/security/context/DelegatingApp的主要内容,如果未能解决你的问题,请参考以下文章
Spring Security:2.4 Getting Spring Security
没有 JSP 的 Spring Security /j_spring_security_check
Spring Security 登录错误:HTTP 状态 404 - /j_spring_security_check