cas 单点登录 --自定义审计日记@Audit()
错误信息:
org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@50b13f08 targetAction = [EvaluateAction@1e91236d expression =
authorityCacheAction.authorityCacheByST(flowRequestContext,service), resultExpression = [null]], attributes = map[[empty]]]
in state 'authorityCacheAction' of flow 'login' -- action execution attributes were 'map[[empty]]'
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:51)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:232)
at org.springframework.webflow.engine.ViewState.resume(ViewState.java:196)
at org.springframework.webflow.engine.Flow.resume(Flow.java:545)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:258)
at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:169)
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:183)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:933)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:867)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:953)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:855)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:829)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:125)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:54)
at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at edu.vt.middleware.servlet.filter.RequestDumperFilter.doFilter(RequestDumperFilter.java:86)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at edu.vt.middleware.cas.web.filter.GetSessionCookieFilter.doFilter(GetSessionCookieFilter.java:112)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at edu.vt.middleware.servlet.filter.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:616)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1533)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1489)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.springframework.binding.expression.EvaluationException:
An ELException occurred getting the value for expression 'authorityCacheAction.authorityCacheByST(flowRequestContext,service)' on context [class org.springframework.webflow.engine.impl.RequestControlContextImpl]
at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:92)
at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:75)
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
... 88 more
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1004E:(pos 21): Method call: Method authorityCacheByST(org.springframework.webflow.engine.impl.RequestControlContextImpl,
org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl)cannot be found on com.sun.proxy.$Proxy46 type
at org.springframework.expression.spel.ast.MethodReference.findAccessorForMethod(MethodReference.java:202)
at org.springframework.expression.spel.ast.MethodReference.getValueInternal(MethodReference.java:118)
at org.springframework.expression.spel.ast.MethodReference.access$000(MethodReference.java:44)
at org.springframework.expression.spel.ast.MethodReference$MethodValueRef.getValue(MethodReference.java:258)
at org.springframework.expression.spel.ast.CompoundExpression.getValueInternal(CompoundExpression.java:82)
at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:102)
at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:98)
at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:84)
... 92 more
错误信息基本上是红色部分。
场景还原:
1、cas单点登录,想自定义审计注入【@Audit()】,于是在cas登录流程加入了一个自己写的类:
public class AuthorityCacheAction {
private static final Logger logger = LoggerFactory.getLogger(AuthorityCacheAction.class);
private RedisUtil redisUtil;
public RedisUtil getRedisUtil() {
return redisUtil;
}
public void setRedisUtil(RedisUtil redisUtil) {
this.redisUtil = redisUtil;
}
@Audit(action = "MY_AUTHORITY_CACHE_TICKET", actionResolverName = "MY_AUTHORITY_CACHE_TICKET_RESOLVER", resourceResolverName = "MY_AUTHORITY_CACHE_TICKET_RESOURCE_RESOLVER")
@Transactional(readOnly = false)
public Event authorityCacheByST(RequestContext context, Service service) throws Exception {
看重点部分:
MyServiceTicket myServiceTicket = (MyServiceTicket) attributes.get("serviceTicketId");
myServiceTicket.setServiceTicketId(serviceTicketId);
redisUtil.set(serviceTicketId, attributes.get("groupAuthorities").toString());
return new Event(this, "success");
}
}
cas登录流程流程代码:
<action-state id="authorityCacheAction">
<evaluate expression="authorityCacheAction.authorityCacheByST(flowRequestContext,service)" />
<transition on="success" to ="warn" />
</action-state>
aop切入点声明:
<aop:aspectj-autoproxy/> <bean id="authorityCacheAction" class="com.tyky.cas.web.AuthorityCacheAction"
p:redisUtil-ref="redisUtil"/> ...........
差不多就是事故现场了,单点登录到这个流程,就会报以上错误!还有种错误情况情况就是redisUtil 为null,redisUtil 的bean声明在另一个xml文件中,一直以为是xml加载顺序的原因,尝试将两个bean的声明写在同一个xml中,redisUtil不为空了,但是我的审计@Audit()方法不起作用,于是在想为什么不能注入,已经声明了
<aop:aspectj-autoproxy/>
并将class在里面声明了。
后来各种在网上尝试找方法,看到了一句 "原来Sprig AOP默认情况下创建的代理是基于接口的,所以类的属性是不能通过代理来访问的,这就是为什么前面报这样的错了!",尝试将该类添加一个接口,于是心愿了了。
public class AuthorityCacheAction implements IAuthorityCacheAction {
.......
}
接口:
public interface IAuthorityCacheAction {
public Event authorityCacheByST(RequestContext context,Service service) throws Exception;
}
参考资料中是用另外一种方式解决的。
动态代理:
内容是摘抄的,不知最初的原作者,见谅
Java 动态代理。具体有如下四步骤:
- 通过实现 InvocationHandler 接口创建自己的调用处理器;
- 通过为 Proxy 类指定 ClassLoader 对象和一组 interface 来创建动态代理类;
- 通过反射机制获得动态代理类的构造函数,其唯一参数类型是调用处理器接口类型;
- 通过构造函数创建动态代理类实例,构造时调用处理器对象作为参数被传入。
GCLIB代理
cglib(Code Generation Library)是一个强大的,高性能,高质量的Code生成类库。它可以在运行期扩展Java类与实现Java接口。
cglib封装了asm,可以在运行期动态生成新的class。
cglib用于AOP,jdk中的proxy必须基于接口,cglib却没有这个限制。
原理区别:
java动态代理是利用反射机制生成一个实现代理接口的匿名类,在调用具体方法前调用InvokeHandler来处理。而cglib动态代理是利用asm开源包,对代理对象类的class文件加载进来,通过修改其字节码生成子类来处理。
1、如果目标对象实现了接口,默认情况下会采用JDK的动态代理实现AOP
2、如果目标对象实现了接口,可以强制使用CGLIB实现AOP
3、如果目标对象没有实现了接口,必须采用CGLIB库,spring会自动在JDK动态代理和CGLIB之间转换
如何强制使用CGLIB实现AOP?
* 添加CGLIB库,SPRING_HOME/cglib/*.jar
* 在spring配置文件中加入<aop:aspectj-autoproxy proxy-target-class="true"/>
JDK动态代理和CGLIB字节码生成的区别?
* JDK动态代理只能对实现了接口的类生成代理,而不能针对类
* CGLIB是针对类实现代理,主要是对指定的类生成一个子类,覆盖其中的方法
因为是继承,所以该类或方法最好不要声明成final。
曾尝试过使用<aop:aspectj-autoproxy proxy-target-class="true"/> ,可能因为含有这个aop声明的xml文件包含其他bean的声明导致出错,我就是用了接口的方式。
reference: http://blog.csdn.net/gxlstone/article/details/12955063
cas 单点登录 --自定义审计日记@Audit()的更多相关文章
- CAS 单点登录【2】自定义用户验证
基础不太熟的同学可以先去看:CAS 单点登录[1]入门 方案1:CAS默认的JDBC扩展方案: CAS自带了两种简单的通过JDBC方式验证用户的处理器. 1.QueryDatabaseAuthe ...
- SSO之CAS单点登录详细搭建教程
本教程是我个人编写,花费几个小时的时间,给需要学习的人员学习使用,希望能帮助到你们. [环境说明]:本文演示过程在同一个机器上的(也可以在三台实体机器或者三个的虚拟机上),环境如下: windows7 ...
- CAS单点登录(SSO)服务端的部署和配置---连接MySQL进行身份认证
一.修改系统host,加入 127.0.0.1 server.test.com127.0.0.1 client1.test.com127.0.0.1 client2.test.com 二.安装grad ...
- SSO单点登录系列5:cas单点登录增加验证码功能完整步骤
本篇教程cas-server端下载地址:解压后,直接放到tomcat的webapp目录下就能用了,不过你需要登录的话,要修改数据源,C:\tomcat7\webapps\casServer\WEB-I ...
- Spring boot security权限管理集成cas单点登录
挣扎了两周,Spring security的cas终于搞出来了,废话不多说,开篇! Spring boot集成Spring security本篇是使用spring security集成cas,因此,先 ...
- CAS单点登录系列之极速入门于实战教程(4.2.7)
@ 目录 一. SSO简介 1.1 单点登录定义 1.2 单点登录角色 1.3 单点登录分类 二. CAS简介 2.1 CAS简单定义 2.2 CAS体系结构 2.3 CAS原理 三.CAS服务端搭建 ...
- SSO之CAS单点登录实例演示
本文目录: 一.概述 二.演示环境 三.JDK安装配置 四.安全证书配置 五.部署CAS-Server相关的Tomcat 六.部署CAS-Client相关的Tomcat 七. 测试验证SSO 一.概述 ...
- cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused
cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused 环境: ...
- CAS单点登录中文用户名乱码问题
CAS单点登录中文用户名乱码问题,有两种情况 1. CAS server乱码 即在向server端提交用户名和密码时,发生了乱码,解决方法是: 打开WEB-INF/web.xml,在其它的Filter ...
随机推荐
- PDCA 价值所在
企业IT服务管理实施 不提倡一步到位 对企业IT部门来说,实施ITIL Service Support(服务支持)的意义在于清晰梳理日常IT运维管理过程中遇到的各种各样的事,使IT运维过程变得有序连贯 ...
- mongo文件空间
mongo的文件空间,是由一个一个的文件空间组成,如下图 在mongodb刚安装完成时只有一个指定的db都只有一个文件空间而已,例如这里的db是filedb 那么他的第一个文件空间为filedb.0, ...
- node.js模块依赖及版本号
摘要: Node.js最重要的一个文件就是package.json,其中的配置参数决定了功能.例如下面就是一个例子 { "name": "test", &quo ...
- GDAL------加载Shapefile文件
代码: using System; using System.Collections.Generic; using System.Linq; using System.Text; using Syst ...
- Oracle批量执行SQL语句
SQLServer的场合,用";"分割SQL语句即可正常执行. Oracle的场合,会报ORA-00911错误.Oracle中需要加上begin end才正确. Dim Sql A ...
- ssh事务回滚,纪念这几个月困扰已久的心酸
以前的事务采用的是JTA,xml注入的方式.本人就着开发要优雅合理利用轮子的态度,一直不满意JTA式的申明和切入方式. spring的注解方式多优雅,可是万恶的直到项目快要上线时终于找到了注解式不能回 ...
- MongoDB管理
前几篇文章都是从开发和使用的角度了解了MongoDB的各个知识点,这篇文章将从MongoDB管理的角度入手,了解MongoDB管理所要了解的基本知识. 数据库命令 在前面几篇文章中,已经接触了一些数据 ...
- java命令启动jar包
本人对这些命令也是一知半解,记录备用. 1. 使用java命令行执行java文件 # 设置命令窗口标题 title test1 # 开启输出 @echo on # 设置环境变量JAVA_HOME se ...
- Window日志分析
0X00 简介 0x01 基本设置 A.Windows审核策略设置 前提:开启审核策略,若日后系统出现故障.安全事故则可以查看系统的日志文件,排除故障,追查入侵者的信息等. 打开设置窗口 Window ...
- 123、 android Retrofit 介绍和使用(转载)
简单使用:http://blog.csdn.net/bitian123/article/details/51899716 http://blog.csdn.net/duanyy1990/article ...