版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/xz2001/article/details/86370437
前几篇已将spring boot升级到了2.0.6,实际上还遇到了一些问题,前方只是简单说了下。这里详细说下升级过程和问题解决办法。
1、修改pom.xml
首先是将spring boot升级到了2.0.6,同时将分页插件pagehelper由1.1.0升级到1.2.5,只改相应的版本号,其他不动。
2、解决废弃 WebMvcConfigurerAdapter 的问题
在《基于 Spring Boot 的 SSM 环境整合十二:使用JSP的自定义标签(tld)》中,为了关闭“Custom EL functions won't be loaded because no ObjectWrapper was specified ..”提示,创建了类“ TldConfig”,这个类是从“WebMvcConfigurerAdapter"继承的,但在spring boot2.0中"WebMvcConfigurerAdapter"已废弃,需要实现“WebSecurityConfigurer”接口,或者从其实现的虚类中中继承。
实际上,SecurityConfig所继承的虚类“WebSecurityConfigurerAdapter”就实现了"WebSecurityConfigurer"接口“。所以,我们可以在SecurityConfig类中解决,加入如下代码:
@Autowired
private FreeMarkerConfigurer configurer;
@PostConstruct
public void freeMarkerConfigurer() {
List<String> tlds = new ArrayList<String>();
TaglibFactory taglibFactory = configurer.getTaglibFactory();
taglibFactory.setClasspathTlds(tlds);
if (taglibFactory.getObjectWrapper() == null) {
taglibFactory.setObjectWrapper(configurer.getConfiguration().getObjectWrapper());
}
}
完成后的SecurityConfig类完整代码如下:
package com.whowii.website4.security;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.PostConstruct;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer;
import freemarker.ext.jsp.TaglibFactory;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private MyAuthenticationProvider authProvider;
@Autowired
private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
@Autowired
private MyAuthenticationFailHander myAuthenticationFailHander;
@Autowired
private FreeMarkerConfigurer configurer;
@PostConstruct
public void freeMarkerConfigurer() {
List<String> tlds = new ArrayList<String>();
TaglibFactory taglibFactory = configurer.getTaglibFactory();
taglibFactory.setClasspathTlds(tlds);
if (taglibFactory.getObjectWrapper() == null) {
taglibFactory.setObjectWrapper(configurer.getConfiguration().getObjectWrapper());
}
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
System.out.println("SecurityConfig.configure > http");
http.csrf().disable().authorizeRequests().antMatchers("/manage/demo/hello").permitAll() // 此页面允许任何人访问,即使未登录
.antMatchers("/manage/demo/info1").hasAnyRole("ADMIN") // 仅允许 ADMIN 角色的用户访问
.antMatchers("/manage/demo/info2").hasAnyRole("USER") // 仅允许 USER 角色的用户访问
.and().formLogin().loginPage("/manage/demo/login") // 自定义登录页面
.successHandler(myAuthenticationSuccessHandler).failureHandler(myAuthenticationFailHander).permitAll() // 允许任何用户访问
.and().logout().logoutUrl("/manage/demo/exit") // 退出登录
.logoutSuccessUrl("/manage/demo/index") // 退出登录成功返回的页面
.permitAll() // 也允许任务用户访问
.and().exceptionHandling();
}
}
此时再启动应用,就没有错误信息了。这里要说下,加入的代码与我用的视图引擎有关,我用的是FreeMarker模板。