cas 单点登录 --自定义审计日记@Audit()
错误信息:
org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing [AnnotatedAction@50b13f08 targetAction = [EvaluateAction@1e91236d expression =
authorityCacheAction.authorityCacheByST(flowRequestContext,service), resultExpression = [null]], attributes = map[[empty]]]
in state 'authorityCacheAction' of flow 'login' -- action execution attributes were 'map[[empty]]'
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.DecisionState.doEnter(DecisionState.java:51)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:232)
at org.springframework.webflow.engine.ViewState.resume(ViewState.java:196)
at org.springframework.webflow.engine.Flow.resume(Flow.java:545)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:258)
at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:169)
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:183)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:933)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:867)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:953)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:855)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:829)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:125)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:54)
at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at edu.vt.middleware.servlet.filter.RequestDumperFilter.doFilter(RequestDumperFilter.java:86)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at edu.vt.middleware.cas.web.filter.GetSessionCookieFilter.doFilter(GetSessionCookieFilter.java:112)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at edu.vt.middleware.servlet.filter.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:616)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1533)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1489)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.springframework.binding.expression.EvaluationException:
An ELException occurred getting the value for expression 'authorityCacheAction.authorityCacheByST(flowRequestContext,service)' on context [class org.springframework.webflow.engine.impl.RequestControlContextImpl]
at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:92)
at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:75)
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
... 88 more
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1004E:(pos 21): Method call: Method authorityCacheByST(org.springframework.webflow.engine.impl.RequestControlContextImpl,
org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl)cannot be found on com.sun.proxy.$Proxy46 type
at org.springframework.expression.spel.ast.MethodReference.findAccessorForMethod(MethodReference.java:202)
at org.springframework.expression.spel.ast.MethodReference.getValueInternal(MethodReference.java:118)
at org.springframework.expression.spel.ast.MethodReference.access$000(MethodReference.java:44)
at org.springframework.expression.spel.ast.MethodReference$MethodValueRef.getValue(MethodReference.java:258)
at org.springframework.expression.spel.ast.CompoundExpression.getValueInternal(CompoundExpression.java:82)
at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:102)
at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:98)
at org.springframework.binding.expression.spel.SpringELExpression.getValue(SpringELExpression.java:84)
... 92 more
错误信息基本上是红色部分。
场景还原:
1、cas单点登录,想自定义审计注入【@Audit()】,于是在cas登录流程加入了一个自己写的类:
public class AuthorityCacheAction {
private static final Logger logger = LoggerFactory.getLogger(AuthorityCacheAction.class);
private RedisUtil redisUtil;
public RedisUtil getRedisUtil() {
return redisUtil;
}
public void setRedisUtil(RedisUtil redisUtil) {
this.redisUtil = redisUtil;
}
@Audit(action = "MY_AUTHORITY_CACHE_TICKET", actionResolverName = "MY_AUTHORITY_CACHE_TICKET_RESOLVER", resourceResolverName = "MY_AUTHORITY_CACHE_TICKET_RESOURCE_RESOLVER")
@Transactional(readOnly = false)
public Event authorityCacheByST(RequestContext context, Service service) throws Exception {
看重点部分:
MyServiceTicket myServiceTicket = (MyServiceTicket) attributes.get("serviceTicketId");
myServiceTicket.setServiceTicketId(serviceTicketId);
redisUtil.set(serviceTicketId, attributes.get("groupAuthorities").toString());
return new Event(this, "success");
}
}
cas登录流程流程代码:
<action-state id="authorityCacheAction">
<evaluate expression="authorityCacheAction.authorityCacheByST(flowRequestContext,service)" />
<transition on="success" to ="warn" />
</action-state>
aop切入点声明:
<aop:aspectj-autoproxy/> <bean id="authorityCacheAction" class="com.tyky.cas.web.AuthorityCacheAction"
p:redisUtil-ref="redisUtil"/> ...........
差不多就是事故现场了,单点登录到这个流程,就会报以上错误!还有种错误情况情况就是redisUtil 为null,redisUtil 的bean声明在另一个xml文件中,一直以为是xml加载顺序的原因,尝试将两个bean的声明写在同一个xml中,redisUtil不为空了,但是我的审计@Audit()方法不起作用,于是在想为什么不能注入,已经声明了
<aop:aspectj-autoproxy/>
并将class在里面声明了。
后来各种在网上尝试找方法,看到了一句 "原来Sprig AOP默认情况下创建的代理是基于接口的,所以类的属性是不能通过代理来访问的,这就是为什么前面报这样的错了!",尝试将该类添加一个接口,于是心愿了了。
public class AuthorityCacheAction implements IAuthorityCacheAction {
.......
}
接口:
public interface IAuthorityCacheAction {
public Event authorityCacheByST(RequestContext context,Service service) throws Exception;
}
参考资料中是用另外一种方式解决的。
动态代理:
内容是摘抄的,不知最初的原作者,见谅
Java 动态代理。具体有如下四步骤:
- 通过实现 InvocationHandler 接口创建自己的调用处理器;
- 通过为 Proxy 类指定 ClassLoader 对象和一组 interface 来创建动态代理类;
- 通过反射机制获得动态代理类的构造函数,其唯一参数类型是调用处理器接口类型;
- 通过构造函数创建动态代理类实例,构造时调用处理器对象作为参数被传入。
GCLIB代理
cglib(Code Generation Library)是一个强大的,高性能,高质量的Code生成类库。它可以在运行期扩展Java类与实现Java接口。
cglib封装了asm,可以在运行期动态生成新的class。
cglib用于AOP,jdk中的proxy必须基于接口,cglib却没有这个限制。
原理区别:
java动态代理是利用反射机制生成一个实现代理接口的匿名类,在调用具体方法前调用InvokeHandler来处理。而cglib动态代理是利用asm开源包,对代理对象类的class文件加载进来,通过修改其字节码生成子类来处理。
1、如果目标对象实现了接口,默认情况下会采用JDK的动态代理实现AOP
2、如果目标对象实现了接口,可以强制使用CGLIB实现AOP
3、如果目标对象没有实现了接口,必须采用CGLIB库,spring会自动在JDK动态代理和CGLIB之间转换
如何强制使用CGLIB实现AOP?
* 添加CGLIB库,SPRING_HOME/cglib/*.jar
* 在spring配置文件中加入<aop:aspectj-autoproxy proxy-target-class="true"/>
JDK动态代理和CGLIB字节码生成的区别?
* JDK动态代理只能对实现了接口的类生成代理,而不能针对类
* CGLIB是针对类实现代理,主要是对指定的类生成一个子类,覆盖其中的方法
因为是继承,所以该类或方法最好不要声明成final。
曾尝试过使用<aop:aspectj-autoproxy proxy-target-class="true"/> ,可能因为含有这个aop声明的xml文件包含其他bean的声明导致出错,我就是用了接口的方式。
reference: http://blog.csdn.net/gxlstone/article/details/12955063
cas 单点登录 --自定义审计日记@Audit()的更多相关文章
- CAS 单点登录【2】自定义用户验证
基础不太熟的同学可以先去看:CAS 单点登录[1]入门 方案1:CAS默认的JDBC扩展方案: CAS自带了两种简单的通过JDBC方式验证用户的处理器. 1.QueryDatabaseAuthe ...
- SSO之CAS单点登录详细搭建教程
本教程是我个人编写,花费几个小时的时间,给需要学习的人员学习使用,希望能帮助到你们. [环境说明]:本文演示过程在同一个机器上的(也可以在三台实体机器或者三个的虚拟机上),环境如下: windows7 ...
- CAS单点登录(SSO)服务端的部署和配置---连接MySQL进行身份认证
一.修改系统host,加入 127.0.0.1 server.test.com127.0.0.1 client1.test.com127.0.0.1 client2.test.com 二.安装grad ...
- SSO单点登录系列5:cas单点登录增加验证码功能完整步骤
本篇教程cas-server端下载地址:解压后,直接放到tomcat的webapp目录下就能用了,不过你需要登录的话,要修改数据源,C:\tomcat7\webapps\casServer\WEB-I ...
- Spring boot security权限管理集成cas单点登录
挣扎了两周,Spring security的cas终于搞出来了,废话不多说,开篇! Spring boot集成Spring security本篇是使用spring security集成cas,因此,先 ...
- CAS单点登录系列之极速入门于实战教程(4.2.7)
@ 目录 一. SSO简介 1.1 单点登录定义 1.2 单点登录角色 1.3 单点登录分类 二. CAS简介 2.1 CAS简单定义 2.2 CAS体系结构 2.3 CAS原理 三.CAS服务端搭建 ...
- SSO之CAS单点登录实例演示
本文目录: 一.概述 二.演示环境 三.JDK安装配置 四.安全证书配置 五.部署CAS-Server相关的Tomcat 六.部署CAS-Client相关的Tomcat 七. 测试验证SSO 一.概述 ...
- cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused
cas 单点登录出现org.jasig.cas.client.util.CommonUtils.getResponseFromServer - 拒绝连接 Connection refused 环境: ...
- CAS单点登录中文用户名乱码问题
CAS单点登录中文用户名乱码问题,有两种情况 1. CAS server乱码 即在向server端提交用户名和密码时,发生了乱码,解决方法是: 打开WEB-INF/web.xml,在其它的Filter ...
随机推荐
- Windows 安装 adt-bundle的方法
Refer:http://my.eoe.cn/shuhai/archive/19381.html Windows 安装 adt-bundle的方法 很多大神说Windows下Eclipse启动不起来, ...
- jQuery时间格式转换
http://www.cnblogs.com/ShaYeBlog/p/4129301.html
- OpenGL中的光照技术(翻译)
Lighting:https://www.evl.uic.edu/julian/cs488/2005-11-03/index.html 光照 OpenGL中的光照(Linghting)是很重要的,为什 ...
- 常用CSS备忘
1 怎样让div中的img居中 水平居中:div设置:text-align:center; img设置:width:图片宽度; margin:0 auto; 垂直居中:div设置:position:r ...
- LeetCode_Maximum Subarray | Maximum Product Subarray
Maximum Subarray 一.题目描写叙述 就是求一个数组的最大子序列 二.思路及代码 首先我们想到暴力破解 public class Solution { public int maxSub ...
- grid响应式布局
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8&quo ...
- MySQL实现树状所有子节点查询的方法
本文实例讲述了MySQL实现树状所有子节点查询的方法.分享给大家供大家参考,具体如下: 在Oracle 中我们知道有一个 Hierarchical Queries 通过CONNECT BY 我们可以方 ...
- php mongodb manager 查数据的各种姿势
一.连接 mongodb 数据库 以下操作默认都是以上面操作为前提(已连接成功)而做的操作 二.查的各种姿势 1)通过主键_id来查询,注意:_id不是直接用字符串来表示,要用 new \MongoD ...
- Four Ways to Create a Thread
Blaise Pascal Magazine Rerun #5: Four Ways to Create a Thread This article was originally written ...
- Django SimpleCMDB 项目
创建 SimpleCMDB 项目: [root@localhost ~]$ django-admin.py startproject SimpleCMDB 创建应用,收集主机信息: [root@loc ...