oliver_105397
Ultraman_TigaSang
2019-01-11 11:32

spring-security-oauth2:intercept-url的access字段IS_AUTHENTICATED_FULLY无法使用了

  • spring
  • java

最近把spring-security-oauth2的版本更新到了最新版,发现路径限制的access属性已经不能再使用原有的字符串和hasRole等函数了,百度上找的都是旧版的用法,官网也没怎么看懂,求大佬支招
下面两种方式都试过了,还是没法启动。

<security:intercept-url pattern="/oauth/token" access="hasRole('ROLE_USER')" />
<security:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />

<security:intercept-url pattern="/api/**" access="hasRole('ROLE_USER')" />
<security:intercept-url pattern="/api/**" access="IS_AUTHENTICATED_FULLY" />
Caused by: java.lang.IllegalArgumentException: Unsupported configuration attributes: [hasRole('ROLE_USER')]
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:176)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1804)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1741)
    ... 47 more
  • 点赞
  • 回答
  • 收藏
  • 复制链接分享

2条回答