我正在做春季保安。当我浏览http://localhost:8080/rest/user/json/quypham
时,会出现以下错误:
[警告] / rest / user / json / quypham java.lang.IllegalArgumentException: 无法评估表达式'ROLE_ADMIN' 在org.springframework.security.access.expression.ExpressionUtils.evalua teAsBoolean(ExpressionUtils.java:15) 在org.springframework.security.web.access.expression.WebExpressionVoter .vote(WebExpressionVoter.java:36) 在org.springframework.security.web.access.expression.WebExpressionVoter .vote(WebExpressionVoter.java:18) 在org.springframework.security.access.vote.AffirmativeBased.decide(Affi) rmativeBased.java:62) 在org.springframework.security.access.intercept.AbstractSecurityInterce ptor.beforeInvocation(AbstractSecurityInterceptor.java:232) 在org.springframework.security.web.access.intercept.FilterSecurityInter
引起: org.springframework.expression.spel.SpelEvaluationException:EL1008E: (pos 0):在对象上找不到属性或字段“ROLE_ADMIN” 输入'org.s pringframework.security.web.access.expression.WebSecurityExpressionRoot” - 也许不公开? 在org.springframework.expression.spel.ast.PropertyOrFieldReference.read 属性(PropertyOrFieldReference.java:215) 在org.springframework.expression.spel.ast.PropertyOrFieldReference.getV alueInternal(PropertyOrFieldReference.java:85) 在org.springframework.expression.spel.ast.PropertyOrFieldReference.getV alueInternal(PropertyOrFieldReference.java:78) 在org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(Sp elNodeImpl.java:114) 在org.springframework.expression.spel.standard.SpelExpression.getValue( SpelExpression.java:105) 在org.springframework.security.access.expression.ExpressionUtils.evalua
我认为文件userservice-servlet.xml
中有错误的内容,请告诉我。
此处归档userservice-servlet.xml
<security:http>
<security:http-basic/>
<security:intercept-url pattern="/rest/**" access="ROLE_ADMIN"/>
</security:http>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:user-service>
<security:user name="datpham" password="Dat12345" authorities="ROLE_ADMIN"/>
<security:user name="hoaipham" password="Hoai12345" authorities="ROLE_USER"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
答案 0 :(得分:0)
我已将spring-security-web
和spring-security-config
版本4.0.3替换为版本3.2.4 ..一切运行正常,但我不明白为什么????