本文介绍从 Spring 3.0 升级到 3.1 的过程及注意事项,重点说明了 springsecurity 中 filter 设置的变化。
今天发现spring全体升级到3.1了,官方网站说是100%与3.0兼容,当然这指的是spring framework,可能没有包括spring security.
根据我个人升级的经历来说,首先xml头上的xsd文件版本要更新一下,从3.0.xsd改为3.1.xsd
另外,遇到了一个问题就是spring security中不再支持filter="none"了
比如:
<http use-expression="true" auto-config="true">
<intercept-url pattern="/static/**" filters="none"/>
<intercept-url pattern="/security/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
<http-basic/>
</http>
需要改成:
<http pattern="/static/**" security="none"/>
<http use-expression="true" auto-config="true">
<intercept-url pattern="/security/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
<http-basic/>
</http>
根据我个人升级的经历来说,首先xml头上的xsd文件版本要更新一下,从3.0.xsd改为3.1.xsd
另外,遇到了一个问题就是spring security中不再支持filter="none"了
比如:
<http use-expression="true" auto-config="true">
<intercept-url pattern="/static/**" filters="none"/>
<intercept-url pattern="/security/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
<http-basic/>
</http>
需要改成:
<http pattern="/static/**" security="none"/>
<http use-expression="true" auto-config="true">
<intercept-url pattern="/security/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
<http-basic/>
</http>
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
