上下文中没有注册 bean 解析器来解析对 bean 的访问

本文介绍了上下文中没有注册 bean 解析器来解析对 bean 的访问的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试使用 Java Config 实现方法安全性，但出现错误:-

I'm trying to implement method security using Java Config, but I'm getting a error:-

org.springframework.expression.spel.SpelEvaluationException: EL1057E:(pos 1): No bean resolver registered in the context to resolve access to bean 'appPermissionEvaluator'

方法是:-

@PreAuthorize("@appPermissionEvaluator.hasSystemPermission()")
public String something() {
    ...
}

Config 类定义为 (MethodSecurityConfig.java):-

The Config class definition is (MethodSecurityConfig.java):-

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {

    @Bean
    public AppPermissionEvaluator appPermissionEvaluator() {
        return new AppPermissionEvaluator();
    }

    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        DefaultMethodSecurityExpressionHandler expressionHandler =
                new DefaultMethodSecurityExpressionHandler();
        expressionHandler.setPermissionEvaluator(appPermissionEvaluator());
        return expressionHandler;
    }

    ...
}

我检查了我是否能够在同一个类中自动装配 bean，而且我发现默认的 hasPermission() 方法在我实现它们时正在工作，唯一的问题是从 SpEL 读取 bean.我不确定出了什么问题.任何指针?

I checked that I'm able to autowire the bean in the same class, also I found the default hasPermission() methods are working as I've implemented them, the only problem is reading the bean from SpEL. I'm not sure what's wrong. Any Pointers?

我使用的是 Spring 4.1.5 和 Spring security 3.2.7

I'm using Spring 4.1.5 and Spring security 3.2.7

推荐答案

您需要确保在 DefaultMethodSecurityExpresssionHandler 上设置 ApplicationContext.例如:

You need to ensure that you set the ApplicationContext on the DefaultMethodSecurityExpresssionHandler. For example:

@Autowired
private ApplicationContext context;

// ...

@Override
protected MethodSecurityExpressionHandler expressionHandler() {
    DefaultMethodSecurityExpressionHandler expressionHandler =
            new DefaultMethodSecurityExpressionHandler();
    expressionHandler.setPermissionEvaluator(appPermissionEvaluator());

    // !!!
    expressionHandler.setApplicationContext(context);

    return expressionHandler;
}

或者更简洁地，如果您将单个 PermissionEvaluator 定义为 Bean，Spring Security 将自动选择它(无需覆盖 expressionHandler()).例如:

Alternatively and more concisely, if you define a single PermissionEvaluator as a Bean and Spring Security will automatically pick it up (no need to override expressionHandler()). For example:

@Bean
public PermissionEvaluator appPermissionEvaluator() {
    ...
}

这篇关于上下文中没有注册 bean 解析器来解析对 bean 的访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！