2
我正在使用Spring集成2.0.0并希望确保对Spring集成公开的Web服务的调用安全。所以我使用了安全通道,并且使用Spring-core 3.0.5和Spring security 3.0.5,它工作良好。当使用Spring-ws弹簧集成和弹簧安全性时使用什么版本
但后来我想使用Spring Web服务的WSS拦截器。随后而来的以下问题: 当我宣布XwsSecurityInterceptor这样的:
<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
<description>
This interceptor validates incoming messages according to the policy defined in 'securityPolicy.xml'.
The policy defines that all incoming requests must have a UsernameToken with a password digest in it.
The actual authentication is performed by the Spring Security callback handler.
</description>
<property name="secureResponse" value="false"/>
<property name="policyConfiguration"
value="classpath:securityPolicy.xml"/>
<property name="callbackHandler">
<bean class="org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler">
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
</property>
</bean>
我得到这个堆栈:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'wsSecurityInterceptor' defined in class path resource [SES/Operations/Logging/applicationContext-security.xml]: Cannot create inner bean 'org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler#b0dbb' of type [org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler] while setting bean property 'callbackHandler'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler#b0dbb' defined in class path resource [SES/Operations/Logging/applicationContext-security.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/AuthenticationManager
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:281)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:120)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1317)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1076)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:291)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:288)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:574)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:895)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:425)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4135)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4630)
at org.apache.catalina.core.StandardContext.reload(StandardContext.java:3391)
at org.apache.catalina.loader.WebappLoader.backgroundProcess(WebappLoader.java:426)
at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1309)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1601)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1610)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1610)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1590)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.ws.soap.security.xwss.callback.SpringPlainTextPasswordValidationCallbackHandler#b0dbb' defined in class path resource [SES/Operations/Logging/applicationContext-security.xml]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: org/springframework/security/AuthenticationManager
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:527)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:456)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:270)
... 25 more
Caused by: java.lang.NoClassDefFoundError: org/springframework/security/AuthenticationManager
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
at java.lang.Class.privateGetPublicMethods(Class.java:2547)
at java.lang.Class.getMethods(Class.java:1410)
at java.beans.Introspector.getPublicDeclaredMethods(Introspector.java:1280)
at java.beans.Introspector.getTargetMethodInfo(Introspector.java:1154)
at java.beans.Introspector.getBeanInfo(Introspector.java:405)
at java.beans.Introspector.getBeanInfo(Introspector.java:164)
at org.springframework.beans.CachedIntrospectionResults.<init>(CachedIntrospectionResults.java:224)
at org.springframework.beans.CachedIntrospectionResults.forClass(CachedIntrospectionResults.java:149)
at org.springframework.beans.BeanWrapperImpl.getCachedIntrospectionResults(BeanWrapperImpl.java:305)
at org.springframework.beans.BeanWrapperImpl.getPropertyDescriptorInternal(BeanWrapperImpl.java:335)
at org.springframework.beans.BeanWrapperImpl.isWritableProperty(BeanWrapperImpl.java:407)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1319)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1076)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:517)
... 27 more
Caused by: java.lang.ClassNotFoundException: org.springframework.security.AuthenticationManager
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1645)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1491)
... 43 more
我的Maven依赖是:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-core</artifactId>
<version>1.5.5</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-server-jndi</artifactId>
<version>1.5.5</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
<version>1.5.9</version>
<scope>runtime</scope>
<exclusions>
<exclusion>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
</exclusion>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Spring integration dependencies -->
<dependency>
<groupId>org.springframework.integration</groupId>
<artifactId>spring-integration-xml</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.integration</groupId>
<artifactId>spring-integration-security</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.integration</groupId>
<artifactId>spring-integration-ws</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
我想这事做了依赖性问题,因为我读一些包已2.x和3.x版本之间的返工。请注意,我不得不将spring-ws-security的传递依赖关系排除到spring-beans上,因为它带来了2.0.6版本的spring bean,它与3.0.5版本的jar相冲突。
所以我的问题是:我应该使用什么版本的不同Spring模块(Spring-ws,Spring-integration,Spring-security,Spring-framework)?
预先感谢任何帮助
法布里斯
嗨iwein,我升级了spring-WS到最新的2.0快照,它工作正常。谢谢你的帮助! – 2011-01-10 14:33:48