1. 首页
  2. 问答
  3. 无法将Spring Security BASIC身份验证集成到Jersey/JAX-RS和Tomcat中

无法将Spring Security BASIC身份验证集成到Jersey/JAX-RS和Tomcat中

2011-06-14 48 views
4

我试图将BASIC身份验证添加到使用Jersey/JAX-RS和Tomcat Apache 7.0创建的RESTful Web服务。将来我想在WebSphere上部署这个Web服务,所以我选择使用Spring Security(ver 2.5.6)作为我的项目。无法将Spring Security BASIC身份验证集成到Jersey/JAX-RS和Tomcat中

我的问题是这样的:虽然我相信我的各种XML文件是正确的,我已经将spring.jar添加到我的类路径启动服务器时出现以下错误。

SEVERE: Error configuring application listener of class 
org.springframework.web.context.ContextLoaderListener java.lang.NoClassDefFoundError: javax/servlet/ServletContextListener 
at java.lang.ClassLoader.defineClass1(Native Method) 
at java.lang.ClassLoader.defineClassCond(Unknown Source) 
    ...

等等。我看过的每个资源都说明我应该将spring.jar添加到我的类路径中,这是我的。我对Spring完全陌生,所以如果我的任何文件安装不正确,请告诉我。以下是所有相关的XML文件和设置。

安全的applicationContext.xml:

<?xml version="1.0" encoding="UTF-8"?> 

<beans xmlns="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:security="http://www.springframework.org/schema/security" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
         http://www.springframework.org/schema/beans/spring-beans-2.5.xsd 
         http://www.springframework.org/schema/security 
         http://www.springframework.org/schema/security/spring-security-2.0.xsd"> 

<security:global-method-security secured-annotations="enabled"/> 

<security:http> 
    <security:http-basic/> 
    <security:intercept-url pattern="/**" access="ROLE_USER"/> 
</security:http> 


<security:authentication-manager alias="authenticationManager"/> 


<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter"> 
    <property name="authenticationEntryPoint" ref="authenticationEntryPoint"/> 
    <property name="authenticationManager" ref="authenticationManager"/> 
</bean> 


<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"> 
    <!--property name="contextClass" value="org.springframework.security.context.SecurityContextImpl"/--> 
    <property name="allowSessionCreation" value="false"/> 
</bean> 


<bean id="httpSessionContextIntegrationFilterWithASCFalse" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"> 
    <property name="allowSessionCreation" value="false"/> 
</bean> 

<bean id="authenticationEntryPoint" 
     class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint"> 
    <property name="realmName" value="Your realm name"/> 
</bean> 

<security:authentication-provider> 
    <security:password-encoder hash="md5"/> 
    <security:user-service> 
     <security:user name="admin" password="2fa3fa1c2deff56ed33e0bf974f2e29e" authorities="ROLE_PARTNER, ROLE_USER"/> 
    </security:user-service> 
</security:authentication-provider>

的applicationContext.xml(有人告诉我,这可能是空的):

<beans></beans>

的web.xml:

<?xml version="1.0" encoding="UTF-8"?> 
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee 
/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> 
<display-name>TestService</display-name> 
<servlet> 
    <servlet-name>Jersey REST Service</servlet-name> 
    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class> 
<init-param> 
    <param-name>com.sun.jersey.config.property.packages</param-name> 
    <param-value>TestService</param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 
<servlet-mapping> 
    <servlet-name>Jersey REST Service</servlet-name> 
    <url-pattern>/*</url-pattern> 
</servlet-mapping> 

<listener> 
    <listener-class> 
    org.springframework.web.context.ContextLoaderListener 
    </listener-class> 
</listener> 

<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value> 
     /WEB-INF/security-applicationContext.xml, 
     /WEB-INF/applicationContext.xml 
    </param-value> 
</context-param> 

<!-- Enables Spring Security --> 

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class> 
     org.springframework.web.filter.DelegatingFilterProxy 
    </filter-class> 
    <init-param> 
     <param-name>targetBeanName</param-name> 
     <param-value>springSecurityFilterChain</param-value> 
    </init-param> 
</filter> 

<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

</web-app>

最后,我的文件结构:

My file structure

和我的服务器的运行配置:

Run Configuration

来源

2011-06-14 SC Ghost

回答

3

This看起来像一个类似的问题。

您可能想尝试不同的Tomcat版本。

您缺少依赖关系。

最小弹簧安全的依赖应该是:

<properties> 
    <spring.version>3.0.1.RELEASE</spring.version> 
</properties> 
<dependency> 
    <groupId>org.springframework.security</groupId> 
    <artifactId>spring-security-web</artifactId> 
    <version>${spring.version}</version> 
</dependency> 
<dependency> 
    <groupId>org.springframework.security</groupId> 
    <artifactId>spring-security-config</artifactId> 
    <version>${spring.version}</version> 
</dependency> 
<dependency> 
    <groupId>org.springframework.security</groupId> 
    <artifactId>spring-security-taglibs</artifactId> 
    <version>${spring.version}</version> 
</dependency> 
<dependency> 
    <groupId>org.springframework.security</groupId> 
    <artifactId>spring-security-core</artifactId> 
    <version>${spring.version}</version> 
</dependency>

你似乎没有被使用maven所以this site将帮助您找到您所需要的罐子。只要搜索<artifactId>,您就可以下载依赖关系的.jar。

This HOWTO可能会帮助您在最小的弹簧安全配置。

来源

2011-06-14 14:59:40 Simeon

+0

我已经添加了所有那些过去的jar,并且我收到了同样的错误,这就是为什么我试图使用Spring 2.5.6代替它,因为它只有一个jar文件作为依赖项。我再次尝试使用您的解决方案,错误依然存在。我已经添加了罐子,然后将它们添加到课程路径中。 – 2011-06-14 15:17:34

+0

嗯,缺少的类通常在servlet.jar中找到,您是否尝试过在此确切的服务器上部署其他东西? – Simeon 2011-06-14 15:19:43

+0

与servlets的东西我的意思是:) – Simeon 2011-06-14 15:20:57

相关问题

 相关问题