如何在 JSF 中使用 Spring Security Facelets 标记库
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7915134/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to use the Spring Security Facelets tag library in JSF
提问by fresh_dev
i want to use The Spring Security Facelets tag libraryto secure my UI components in my JSF 2pages
我想使用Spring Security Facelets 标记库来保护我的JSF 2页面中的UI 组件
i have following dependencies for spring security version 3.0.5:
我对 spring 安全版本 3.0.5 有以下依赖项:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring-security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring-security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring-security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring-security.version}</version>
</dependency>
i configured applicationSecurity.xmlto make spring security login, and it works fine with UserDetailsService, and when tried to add the security definition:
我配置了applicationSecurity.xml来进行 spring 安全登录,它与 UserDetailsService 一起工作正常,当尝试添加安全定义时:
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:ice="http://www.icesoft.com/icefaces/component"
xmlns:pretty="http://ocpsoft.com/prettyfaces"
xmlns:sec="http://www.springframework.org/security/tags">
and when running the application, i got following error:
运行应用程序时,出现以下错误:
Warning: This page calls for XML namespace http://www.springframework.org/security/tags declared with prefix sec but no taglibrary exists for that namespace.
Ref: http://static.springsource.org/spring-security/site/petclinic-tutorial.html
参考:http: //static.springsource.org/spring-security/site/petclinic-tutorial.html
please advise.
请指教。
回答by Amreesh Tyagi
Successfully implemented:
成功实施:
On top of your normal Spring Security dependencies you'll need the following two additional Maven dependencies
除了普通的 Spring Security 依赖项之外,您还需要以下两个额外的 Maven 依赖项
<dependency>
<groupId>org.springframework.webflow</groupId>
<artifactId>spring-faces</artifactId>
<version>2.4.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>3.2.6.RELEASE</version>
</dependency>
in your POM file.
在你的 POM 文件中。
For JSF 2 save the following as /WEB-INF/springsecurity.taglib.xml
对于 JSF 2,将以下内容保存为 /WEB-INF/springsecurity.taglib.xml
<?xml version="1.0"?>
<!DOCTYPE facelet-taglib PUBLIC
"-//Sun Microsystems, Inc.//DTD Facelet Taglib 1.0//EN"
"http://java.sun.com/dtd/facelet-taglib_1_0.dtd">
<facelet-taglib>
<namespace>http://www.springframework.org/security/tags</namespace>
<tag>
<tag-name>authorize</tag-name>
<handler-class>org.springframework.faces.security.FaceletsAuthorizeTagHandler</handler-class>
</tag>
<function>
<function-name>areAllGranted</function-name>
<function-class>org.springframework.faces.security.FaceletsAuthorizeTagUtils</function-class>
<function-signature>boolean areAllGranted(java.lang.String)</function-signature>
</function>
<function>
<function-name>areAnyGranted</function-name>
<function-class>org.springframework.faces.security.FaceletsAuthorizeTagUtils</function-class>
<function-signature>boolean areAnyGranted(java.lang.String)</function-signature>
</function>
<function>
<function-name>areNotGranted</function-name>
<function-class>org.springframework.faces.security.FaceletsAuthorizeTagUtils</function-class>
<function-signature>boolean areNotGranted(java.lang.String)</function-signature>
</function>
<function>
<function-name>isAllowed</function-name>
<function-class>org.springframework.faces.security.FaceletsAuthorizeTagUtils</function-class>
<function-signature>boolean isAllowed(java.lang.String, java.lang.String)</function-signature>
</function>
</facelet-taglib>
Register the above file in web.xml:
在 web.xml 中注册上述文件:
<context-param>
<param-name>javax.faces.FACELETS_LIBRARIES</param-name>
<param-value>/WEB-INF/springsecurity.taglib.xml</param-value>
</context-param>
It will resolve no taglibrary exists warning and now you are ready to use the tag library in your views. You can use the authorize tag to include nested content conditionally:
它将解决 no taglibrary exists 警告,现在您已准备好在视图中使用标签库。您可以使用授权标记有条件地包含嵌套内容:
<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:sec="http://www.springframework.org/security/tags">
<sec:authorize ifAllGranted="ROLE_FOO, ROLE_BAR">
Lorem ipsum dolor sit amet
</sec:authorize>
<sec:authorize ifNotGranted="ROLE_FOO, ROLE_BAR">
Lorem ipsum dolor sit amet
</sec:authorize>
<sec:authorize ifAnyGranted="ROLE_FOO, ROLE_BAR">
Lorem ipsum dolor sit amet
</sec:authorize>
</ui:composition>
参考:https: //docs.spring.io/spring-webflow/docs/2.3.x/reference/html/spring-faces.html#spring-faces-security-taglib
回答by NimChimpsky
You will need to add springsecurity.taglib.xmlfirst as mentioned here:
您需要首先添加springsecurity.taglib.xml,如下所述:
and you should have the org.springframework.facesjar in your classpath in order to use it.
并且您的类路径中应该有org.springframework.facesjar 以便使用它。
then use the security tags as follows:
然后使用安全标签如下:
<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional/<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:sec="http://www.springframework.org/security/tags">
回答by Cristiano Fontes
It's not as easy with JSF as it is with Spring MVC...
使用 JSF 并不像使用 Spring MVC 那样容易...
But you can find a way to do it in this bug report
但是您可以在此错误报告中找到一种方法
https://jira.springsource.org/browse/SWF-1333
https://jira.springsource.org/browse/SWF-1333
last message from Rossen Stoyanchev
罗森·斯托扬切夫 (Rossen Stoyanchev) 的最后一条消息
