Spring Security 3.0.5 - 如何在security.xml中指定数据源？

Question

对于AppFuse 2.1（使用Spring Security 3.0.5和iBatis）动态定义安全的URL时，有人能帮我解决“java.lang.IllegalArgumentException：No DataSource specified”问题吗？

在我开始动态定义安全的URL之前，security.xml中的以下命名空间工作正常。

... 
<http auto-config="false" lowercase-comparisons="false"> 
    <intercept-url pattern="/images/**" filters="none"/> 
    <intercept-url pattern="/styles/**" filters="none"/> 
    <intercept-url pattern="/scripts/**" filters="none"/> 
    <intercept-url pattern="/app/admin/**" access="ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/passwordHint*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/signup*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> 
    <intercept-url pattern="/app/**" access="ROLE_ADMIN,ROLE_USER"/> 
    <form-login login-page="/login" authentication-failure-url="/login?error=true" login-processing-url="/j_security_check"/> 
    <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/> 
</http> 

<authentication-manager alias="authenticationManager"> 
    <authentication-provider user-service-ref="userDao"> 
     <password-encoder ref="passwordEncoder"/> 
    </authentication-provider> 
</authentication-manager> 
... 

但经过我注释掉元素和security.xml文件添加以下内容中，“userDAO的”没有由于没有指定数据源工作。

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" 
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
     xmlns:beans="http://www.springframework.org/schema/beans" 
     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
      http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> 

<beans:bean id="springSecurityFilterChain" 
      class="org.springframework.security.web.FilterChainProxy"> 
    <filter-chain-map path-type="ant"> 
     <filter-chain pattern="/images/**" filters="none"/> 
     <filter-chain pattern="/styles/**" filters="none"/> 
     <filter-chain pattern="/scripts/**" filters="none"/> 
     <filter-chain pattern="/app/**" filters=" 
     securityContextPersistenceFilter, 
     logoutFilter, 
     authenticationProcessingFilter, 
     exceptionTranslationFilter, 
     filterSecurityInterceptor"/> 
    </filter-chain-map> 
</beans:bean> 

<beans:bean id="securityContextPersistenceFilter" 
       class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> 
</beans:bean> 
<beans:bean id="logoutFilter" 
      class="org.springframework.security.web.authentication.logout.LogoutFilter"> 
    <beans:constructor-arg value="/login"/> 
    <beans:constructor-arg ref="logoutHandler"> 
    </beans:constructor-arg> 
</beans:bean> 
<beans:bean id="logoutHandler" 
      class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"> 
</beans:bean> 
<beans:bean id="authenticationProcessingFilter" 
      class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="authenticationSuccessHandler" 
        ref="authenticationSuccessHandler"/> 
    <beans:property name="filterProcessesUrl" value="/j_security_check"/> 
</beans:bean> 
<beans:bean id="authenticationSuccessHandler" 
      class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler"> 
    <beans:property name="defaultTargetUrl" value="/app/mainMenu"/> 
</beans:bean> 
<beans:bean id="exceptionTranslationFilter" 
      class="org.springframework.security.web.access.ExceptionTranslationFilter"> 
    <beans:property name="authenticationEntryPoint" ref="authenticationEntryPoint"/> 
    <beans:property name="accessDeniedHandler" ref="accessDeniedHandler"/> 
</beans:bean> 

<beans:bean id="authenticationEntryPoint" 
      class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> 
    <beans:property name="loginFormUrl" value="/login"/> 
</beans:bean> 

<beans:bean id="accessDeniedHandler" 
      class="org.springframework.security.web.access.AccessDeniedHandlerImpl"> 
    <beans:property name="errorPage" value="/403.jsp"/> 
</beans:bean> 


<beans:bean id="filterSecurityInterceptor" 
      class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> 
    <beans:property name="authenticationManager" ref="authenticationManager"/> 
    <beans:property name="accessDecisionManager" ref="accessDecisionManager"/> 
    <beans:property name="securityMetadataSource" ref="myFilterInvocationSecurityMetadataSource"/> 
</beans:bean> 
<beans:bean id="myFilterInvocationSecurityMetadataSource" 
      class="com.tangram.ebiz.webapp.authentication.MyFilterInvocationSecurityMetadataSource"> 
</beans:bean> 


<beans:bean id="accessDecisionManager" 
      class="org.springframework.security.access.vote.AffirmativeBased"> 
    <beans:property name="decisionVoters"> 
     <beans:list> 
      <beans:bean class="org.springframework.security.access.vote.RoleVoter"> 
       <beans:property name="rolePrefix" value="ROLE_"/> 
      </beans:bean> 
      <beans:bean 
        class="org.springframework.security.access.vote.AuthenticatedVoter"/> 
     </beans:list> 
    </beans:property> 
</beans:bean> 


<beans:bean id="userDao" 
      class="com.tangram.ebiz.dao.ibatis.UserDaoiBatis"> 
    <beans:property name="sqlMapClient" ref="sqlMapClient"/> 
</beans:bean> 
<beans:bean id="sqlMapClient" 
      class="com.ibatis.sqlmap.engine.impl.SqlMapClientImpl"> 
    <beans:constructor-arg ref="sqlMapExecutorDelegate"/> 
</beans:bean> 
<beans:bean id="sqlMapExecutorDelegate" 
      class="com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate"> 
</beans:bean> 

<beans:bean id="dataSource" 
      class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 
    <beans:property name="driverClassName" value="oracle.jdbc.OracleDriver"/> 
    <beans:property name="url" value="jdbc:oracle:thin:@localhost:1521:XE"/> 
    <beans:property name="username" value="ebiz"/> 
    <beans:property name="password" value="ebiz"/> 
</beans:bean> 
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager"> 
    <beans:property name="providers"> 
     <beans:list> 
      <beans:ref local="daoAuthenticationProvider"/> 
      <beans:ref local="anonymousAuthenticationProvider"/> 
     </beans:list> 
    </beans:property> 
</beans:bean> 

<beans:bean id="daoAuthenticationProvider" 
      class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> 
    <beans:property name="userDetailsService" ref="userDao"/> 
    <beans:property name="passwordEncoder" ref="passwordEncoder"/> 
</beans:bean> 
<beans:bean id="anonymousAuthenticationProvider" 
      class="org.springframework.security.authentication.AnonymousAuthenticationProvider"> 
    <beans:property name="key" value="doesNotMatter"/> 
</beans:bean> 
<!-- Override the default password-encoder (SHA) by uncommenting the following and changing the class --> 
<beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/> 

<global-method-security> 
    <protect-pointcut expression="execution(* *..service.UserManager.getUsers(..))" access="ROLE_ADMIN"/> 
    <protect-pointcut expression="execution(* *..service.UserManager.removeUser(..))" access="ROLE_ADMIN"/> 
</global-method-security> 
</beans:beans> 

Answer 1

如果您使用的是自定义的用户服务，你需要参考的是：

<security:authentication-manager> 
    <security:authentication-provider user-service-ref="myUserDetailsService"> 
     <security:password-encoder ref="md5" /> 
    </security:authentication-provider> 
</security:authentication-manager> 

如果您正在使用JDBC，只是要对一组表，你只是参考的数据源：

<security:authentication-manager> 
    <security:authentication-provider> 
     <security:jdbc-user-service data-source-ref="my-ds"/> 
     <security:password-encoder hash="md5"/> 
    </security:authentication-provider> 
</security:authentication-manager>