这个方法在进入OnionGamersResourceDao.getAllResource()的时候就抛出java.lang.NullPointerException @Autowired
private SecurityResourceDaoImp OnionGamersResourceDao; private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
System.out.println("afdsfds");
for(Resources item:OnionGamersResourceDao.getAllResource()){
resourceMap.put(item.getUrl(),listToCollection(item.getRole()));
}配置文件 <!--资源数据定义-->
<beans:bean id="OnionGamersPortalMetaDataSource" class="com.onionbbs.security.InvocationSecurityMetadataSource">
<beans:property name="OnionGamersResourceDao" ref="OnionGamersResourceDao"></beans:property>
</beans:bean>
<!-- 查询出所有的资源-->
<beans:bean id="OnionGamersResourceDao" class="com.onionbbs.security.dao.SecurityResourceDaoImp">
</beans:bean>
<beans:bean id="OnionGamersResourceService" class="com.onionbbs.security.service.SecurityResourceServiceImp">
</beans:bean>
Dao类package com.onionbbs.security.dao;import java.util.List;import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;/*实现securityResource获取所有的security资源权限并注入到security框架中*/
public class SecurityResourceDaoImp implements SecurityResourceDao{
@Autowired
private SessionFactory getsessionfactory;
public Session getSession(){
Session session=getsessionfactory.getCurrentSession();
return session;
}
public List<Resources> getAllResource() {
Session se=this.getSession();
String hql="from Resource";
List<Resources> listresource=se.createQuery(hql).list();
return listresource;
}
public List<Role> getRoleByResourceId(int id){
String hql="select r.id,r.name,r.desc from role r,role_resource rr where rr.id=r.id and rr.resource_id=?";
Session se=this.getSession();
List<Role> li=se.createQuery(hql).list();
return li;
}}这个是security的方法
如果我直接定义死了的话就不会报错private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
ConfigAttribute ca = new SecurityConfig("ROLE_ADMIN");
atts.add(ca);
resourceMap.put("/index.jsp", atts);
resourceMap.put("/i.jsp", atts);
}
private SecurityResourceDaoImp OnionGamersResourceDao; private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
System.out.println("afdsfds");
for(Resources item:OnionGamersResourceDao.getAllResource()){
resourceMap.put(item.getUrl(),listToCollection(item.getRole()));
}配置文件 <!--资源数据定义-->
<beans:bean id="OnionGamersPortalMetaDataSource" class="com.onionbbs.security.InvocationSecurityMetadataSource">
<beans:property name="OnionGamersResourceDao" ref="OnionGamersResourceDao"></beans:property>
</beans:bean>
<!-- 查询出所有的资源-->
<beans:bean id="OnionGamersResourceDao" class="com.onionbbs.security.dao.SecurityResourceDaoImp">
</beans:bean>
<beans:bean id="OnionGamersResourceService" class="com.onionbbs.security.service.SecurityResourceServiceImp">
</beans:bean>
Dao类package com.onionbbs.security.dao;import java.util.List;import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;/*实现securityResource获取所有的security资源权限并注入到security框架中*/
public class SecurityResourceDaoImp implements SecurityResourceDao{
@Autowired
private SessionFactory getsessionfactory;
public Session getSession(){
Session session=getsessionfactory.getCurrentSession();
return session;
}
public List<Resources> getAllResource() {
Session se=this.getSession();
String hql="from Resource";
List<Resources> listresource=se.createQuery(hql).list();
return listresource;
}
public List<Role> getRoleByResourceId(int id){
String hql="select r.id,r.name,r.desc from role r,role_resource rr where rr.id=r.id and rr.resource_id=?";
Session se=this.getSession();
List<Role> li=se.createQuery(hql).list();
return li;
}}这个是security的方法
如果我直接定义死了的话就不会报错private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
ConfigAttribute ca = new SecurityConfig("ROLE_ADMIN");
atts.add(ca);
resourceMap.put("/index.jsp", atts);
resourceMap.put("/i.jsp", atts);
}
解决方案 »
- struts2是实现商品种类的添加
- 这个ant为什么只能执行到init就提示向下执行了
- 如何用Javaweb实现上传100MB以上的文件!!!
- 弱弱的问一个关于jsf的问题
- 请教:用JAVA怎样定期的检测WEB 服务器是否开着呢?
- Java新人求索 SSH和SSM开发网站用哪个框架好一些呢
- 请教各位老师文件监听文体
- 关于eclips的问题,实在找不到合适的地方提问了
- 那位大哥帮我解析下这样的错误提示是代表什么意思??谢谢了
- 急,出现数据库连接错误,一启动服务器,mysql关闭, ERROR SqlExceptionHelper Communications link failure
- 谁晓得 struts2.2 和 guice 3.0 怎么整合吗?
- freemarker如何和struts1集成
改为:private SecurityResourceDaoImp onionGamersResourceDao;
<beans:bean id="OnionGamersResourceDao" class="com.onionbbs.security.dao.SecurityResourceDaoImp">
改为:
<beans:bean id="onionGamersResourceDao" class="com.onionbbs.security.dao.SecurityResourceDaoImp">
2)添加
public void setOnionGamersResourceDao(SecurityResourceDao securityResourceDao ){
this.onionGamersResourceDao = securityResourceDao ;
}
for(Resources item:securityResourceService.getAllResources()){
resourceMap.put(item.getUrl(), listRoleToCollection(item.getRole()));
}
一进入这个循环就出错了securityResourceService.getAllResources()这个方法还没执行
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;import com.OnionEntertainment.Security.Service.SecurityResourceServiceImp;
import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;
public class InvocationSecurityMetadataSource
implements FilterInvocationSecurityMetadataSource { private UrlMatcher urlMatcher = new AntUrlPathMatcher();;
private static Map<String, Collection<ConfigAttribute>> resourceMap = null; public InvocationSecurityMetadataSource() {
loadResourceDefine();
}
private SecurityResourceServiceImp securityResourceService;
public void setSecurityResourceService(
SecurityResourceServiceImp securityResourceService) {
this.securityResourceService = securityResourceService;
}
private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
for(Resources item:securityResourceService.getAllResources()){
resourceMap.put(item.getUrl(), listRoleToCollection(item.getRole()));
}
// ConfigAttribute ca = new SecurityConfig("ROLE_ADMIN");
// atts.add(ca);
// resourceMap.put("/index.jsp", atts);
// resourceMap.put("/i.jsp", atts);
}
public Collection<ConfigAttribute> listRoleToCollection(Set<Role> set){
List<ConfigAttribute> list=new ArrayList<ConfigAttribute>();
for(Role role:set){
list.add(new SecurityConfig(role.getName()));
}
return list;
} public Collection<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException {
String url = ((FilterInvocation)object).getRequestUrl();
Iterator<String> ite = resourceMap.keySet().iterator();
while (ite.hasNext()) {
String resURL = ite.next();
if (urlMatcher.pathMatchesUrl(url, resURL)) {
return resourceMap.get(resURL);
}
}
return null;
} public boolean supports(Class<?> clazz) {
return true;
}
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}}<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<!--
一个自定义的filter,必须包含authenticationManager,accessDecisionManager,securityMetadataSource三个属性,
我们的所有控制将在这三个类中实现
-->
<beans:bean id="SecurityFilter"
class="com.onionbbs.security.FilterSecurityInterceptor">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="accessDecisionManager" ref="GamerAccessDecisionManager" />
<beans:property name="securityMetadataSource" ref="GamersMetaDataSource" />
</beans:bean>
<http auto-config="true" access-denied-page="/">
<intercept-url pattern="/login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/index.jsp" access="ROLE_USER" />
<custom-filter ref="SecurityFilter" before="FILTER_SECURITY_INTERCEPTOR" />
<form-login login-page="/login.jsp"
authentication-failure-url="/login.jsp" default-target-url="/" />
</http>
<!-- 认证管理器,实现用户认证的入口,主要实现UserDetailsService接口即可 -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="UserDetailService"> <!-- <password-encoder hash="md5" />-->
</authentication-provider>
</authentication-manager>
<beans:bean id="UserDetailService" class="com.onionbbs.security.UserDetailService">
</beans:bean>
<!--security的访问决策器,主要决定用户是否有权限访问此资源-->
<beans:bean id="GamerAccessDecisionManager"
class="com.onionbbs.security.GamersAccessDecisionManager">
</beans:bean>
<!--资源数据定义-->
<beans:bean id="GamersMetaDataSource"
class="com.onionbbs.security.InvocationSecurityMetadataSource">
<beans:property name="securityResourceService" ref="securityResourcesServices"></beans:property>
</beans:bean>
<beans:bean id="securityResourceDao" class="com.OnionEntertainment.Security.Dao.SecurityResourceDaoImp">
</beans:bean>
<beans:bean id="securityResourcesServices" class="com.OnionEntertainment.Security.Service.SecurityResourceServiceImp">
<beans:property name="securityResourcesDao" ref="securityResourceDao"> </beans:property>
</beans:bean>
<beans:bean id="securityUserDao" class="com.OnionEntertainment.Security.Dao.SecurityUserDaoImp">
</beans:bean>
<beans:bean id="securityUserService" class="com.OnionEntertainment.Security.Service.SecurityUserServiceImp">
<beans:property name="securityuserdao" ref="securityUserDao"></beans:property>
</beans:bean>
</beans:beans>
package com.OnionEntertainment.Security.Dao;import java.util.List;import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;import com.onionbbs.model.Resources;public class SecurityResourceDaoImp implements SecurityResourceDao{ @Autowired
private SessionFactory sessionfa;
public Session getSession(){
Session se=sessionfa.getCurrentSession();
return se;
}
public List<Resources> getAllResources() {
String hql="from resource";
Session se=this.getSession();
Query query=se.createQuery(hql);
List<Resources> resource=query.list();
return resource;
}}
package com.OnionEntertainment.Security.Service;import java.util.List;import com.OnionEntertainment.Security.Dao.SecurityResourceDaoImp;
import com.onionbbs.model.Resources;public class SecurityResourceServiceImp implements SecurityResourceService{
private SecurityResourceDaoImp securityResourcesDao;
public void setSecurityResourcesDao(SecurityResourceDaoImp securityResourcesDao) {
this.securityResourcesDao = securityResourcesDao;
} public List<Resources> getAllResources() {
return securityResourcesDao.getAllResources();
}
}