3
我下面的JSP頁面和JSP編譯如預期春季安全。授權對JSP不工作
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sprSec" uri="http://www.springframework.org/security/tags"%>
<c:if test="${sessionScope.userName!=null}">
...
</c:if>
在登錄控制器方法我有以下行:
session.setAttribute("userName", name);
我認爲更好用彈簧安全標籤重寫它
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="sprSec" uri="http://www.springframework.org/security/tags"%>
<sprSec:authorize access="isAuthenticated()">
...
</sprSec:authorize>
現在,當嘗試訪問頁面時,出現以下錯誤:
org.apache.jasper.JasperException: org.apache.jasper.JasperException: An exception occurred processing JSP page /WEB-INF/*/*****.jsp at line 5
2: <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
3: <%@ taglib prefix="sprSec" uri="http://www.springframework.org/security/tags"%>
4:
5: <sprSec:authorize access="isAuthenticated()">
6:
7: <c:set var="profileUrl" value="#" scope="request" />
8: <sprSec:authorize ifAllGranted="ROLE_USER">
....
root cause
javax.servlet.ServletException: javax.servlet.jsp.JspException: java.io.IOException: No visible WebSecurityExpressionHandler instance could be found in the application context. There must be at least one in order to support expressions in JSP 'authorize' tags.
..........
如果我編寫use-expressions =「true」,那麼我會看到錯誤,但是如果我註冊bean(如答案中所述 - 很好) – gstackoverflow 2014-12-08 06:20:59