getAuthentication() 为何有时为空 有时不为空?空指针异常

vitou 发布于 2012/04/27 11:38
阅读 8K+
收藏 0

我采用的springsecurity2

web.xml配置

<context-param>
   <param-name>contextConfigLocation</param-name>
   <param-value>
     classpath:/applicationContext.xml
    classpath:/applicationContext*.xml
     classpath:/security.xml  <!--    -->
   </param-value>
  </context-param> 
<!--    -->
  <filter>
     <filter-name>securityFilter</filter-name>
     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
     <init-param>
      <param-name>targetBeanName</param-name>
      <param-value>springSecurityFilterChain</param-value>
     </init-param>
  </filter> 
 
  <filter>
   <filter-name>struts2</filter-name>
   <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
  </filter> 
 
 <!--   --> 
  <filter-mapping>
   <filter-name>securityFilter</filter-name>
   <url-pattern>/*</url-pattern>
  </filter-mapping>

     <filter-mapping>
   <filter-name>struts2</filter-name>
   <url-pattern>/*</url-pattern>
  </filter-mapping>
 
  <listener>
   <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
  </listener>
  <listener>
   <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
  </listener>
   <listener>
   <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
  </listener>

security.xml中如下:

<intercept-url pattern="/admin/*" access="ROLE_ADMIN,ROLE_SERVICE,ROLE_KNOWLEDGE"/>
   <form-login login-page="/loginAdmin.jsp" authentication-failure-url="/loginAdmin.jsp?error=true" login-processing-url="/j_spring_check"
   default-target-url="/admin/index" always-use-default-target='true'/>

在admin/index下的action中 可以得到userDetails  或ManagementUser

ManagementUser mu =(ManagementUser)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
  System.out.println(""+mu);

但是在其他的时候访问 getAuthentication()就为空

加载中
0
vitou
vitou

今天改配置把 要使用中的action的拦截器 filters="none" 变化为相应的权限access="ROLE_ADMIN,ROLE_SERVICE"后 测试 后得到的userDetails  或ManagementUser 均不为空,可能有此可以得出 当设置filters="none" 时getAuthentication()得出为空,具体的为什么 还真不知道

返回顶部
顶部