我在给方法配置保护时用了http://family168.com/tutorial/springsecurity/html/ns-config.html#ns-method-security上说的两种方法,1,在application context中加入<global-method-security secured-annotations="enabled" jsr250-annotations="enabled"/>,然后在需要保护的方法上面加上@Secured("ROLE_ADMIN")
2,在application context配置bean时加上 <protect method="doit*" access="ROLE_ADMIN" />
就类似于<bean:bean id="target" class="com.mycompany.myapp.MyBean">
<intercept-methods>
<protect method="set*" access="ROLE_ADMIN" />
<protect method="get*" access="ROLE_ADMIN,ROLE_USER" />
<protect method="doSomething" access="ROLE_USER" />
</intercept-methods>
</bean:bean>现在问题是我用哪种方法都会出一个异常:
org.springframework.security.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext请问这是怎么回事?
2,在application context配置bean时加上 <protect method="doit*" access="ROLE_ADMIN" />
就类似于<bean:bean id="target" class="com.mycompany.myapp.MyBean">
<intercept-methods>
<protect method="set*" access="ROLE_ADMIN" />
<protect method="get*" access="ROLE_ADMIN,ROLE_USER" />
<protect method="doSomething" access="ROLE_USER" />
</intercept-methods>
</bean:bean>现在问题是我用哪种方法都会出一个异常:
org.springframework.security.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext请问这是怎么回事?
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货