开发者

Spring Security needs ContextLoaderListener but I'm using annotated configuration, what to do?

问答 作者:

I was using annotated configuration for my Spring web app and then had to mix XML with it so that I could use Spring Security. I annotated one of my configuration classes with @ImportResource("security-config.xml") to load the security config. The configuration beans are being created just fine. My web.xml looks like so:

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="com-timbuk2-webapp-compositor" 
         version="3.0"
         xmlns="http://java.sun.com/xml/ns/javaee" 
         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
                             http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" >

    <!-- Spring Security Chain -->
    <filter>
         <filter-name>springSecurityFilterChain</filter-name>
         <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
       <filter-name>springSecurityFilterChain</filter-name>
       <url-pattern>/*</url-pattern>
    </filter-mapping>

     <!--  Character Encoding -->
    <filter>
        <filter-name>characterEncodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <init-param>
            <param-name>forceEncoding</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>characterEncodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!--  URL Rewrite -->
    <filter>
        <filter-name>urlRewriteFilter</filter-name>
        <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
        <init-param>
            <param-name>logLevel</param-name>
            <param-value>commons</param-value>
        </init-param>
        <init-param>
            <param-name>confPath</param-name>
            <param-value>/WEB-INF/conf/urlrewrite-config.xml</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>urlRewriteFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- Listeners -->
    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener>

    <!-- Context Parameters -->
    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>/WEB-INF/conf/log4j-config.xml</param-value>
    </context-param>

    <!-- Servlets -->
    <servlet>
        <servlet-name>app-dispatcher</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextClass</param-name>
            <param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
        </in开发者_开发问答it-param>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>com.website.config</param-value>
        </init-param>
        <load-on-startup>0</load-on-startup>
    </servlet>

    <!-- Servlet mappings -->
    <servlet-mapping>
        <servlet-name>app-dispatcher</servlet-name>
        <url-pattern>/app/*</url-pattern>
    </servlet-mapping>


</web-app>

From what I understand the springSecurityFilterChain needs ContextLoaderListener. However, because of how my app is configured, if I add:

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

to my web.xml my app doesn't initialize. Is there a way to manually create a ContextLoaderListener in my annotated configuration?

Just create a root application context by using the ContextLoaderListener.

<context-param>
    <description>The Spring configuration files.</description>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/spring/application.xml</param-value>
</context-param>

<listener>
    <description>The Spring context listener.</description>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

Inside the application.xml, you also can define the annotation based config. It will be inherited by the WebApplicationContext of your DispatcherServlet definition.

Then you import your security configuration inside the application.xml. So security will apply to all ApplicationContexts in your configuration.

I believe it works with the following additions under web-app

<context-param>
  <param-name>contextClass</param-name>
  <param-value>
    org.springframework.config.java.context.JavaConfigWebApplicationContext
  </param-value>
</context-param>
<context-param>
  <param-name>contextConfigLocation</param-name>
  <param-value>com.website.config</param-value>
</context-param>

source : http://blog.springsource.com/2008/03/26/spring-java-configuration-whats-new-in-m3/

Do not forget to add "classpath:/" if your root.xml is somewhere different from the web.xml dir. Hope this will help someone in the future.

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:/appcontext-root.xml</param-value>
</context-param>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

继续阅读:springspring-security

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9