使用AcceptHeaderLocaleResolver和i18n的Spring Security
问题内容:
我陷入困境,可能错过了文档中的内容或犯了一些小错误。
我的Spring MVC 3.0.5应用程序中集成了Spring Security 3.0.5。
AcceptHeaderLocaleResolver 用于区域设置检测,并且本地化工作正常,但安全错误消息除外。
我从spring安全软件包中复制了messages.properties, 并重 命名并添加到带有值列表的现有 “ messageSource”
bean(ResourceBundleMessageSource)
中。
如前所述,所有文本和消息均已正确本地化,但使用安全编码的英文消息的安全缝除外。
任何想法如何解决这个问题?
更新:
我的xy-servlet.xml包含:
...
<mvc:resources mapping="/resources/**" location="/resources/" />
...
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>defaultMessages</value>
<value>securityMessages</value>
</list>
</property>
</bean>
和文件
defaultMessages.propertiesdefaultMessages_en.propertiesdefaultMessages_de.propertiesdefaultMessages_sl.properties
和
securityMessages.propertiessecurityMessages_en.propertiessecurityMessages_de.propertiessecurityMessages_sl.properties
但是defaultMessages可以。securityMessages才不是。我对所有securityMessages文件进行了小的更改,但这些更改将被忽略,并显示硬编码的英语消息。
UPDATE v2: 我的dispatcher-servlet.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<context:component-scan base-package="com.example.sampleapp1" />
<context:annotation-config />
<mvc:annotation-driven/>
<!-- Handles HTTP GET requests for /resources/** by efficiently serving up static resources in the ${webappRoot}/resources/ directory -->
<mvc:resources mapping="/resources/**" location="/resources/" />
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver"
p:prefix="/WEB-INF/views/" p:suffix=".jsp" />
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>defaultMessages</value>
<value>securityMessages</value>
<value>org/springframework/security/messages_de</value>
</list>
</property>
</bean>
<!-- Persistence -->
<bean id="myPMF" class="org.springframework.orm.jdo.LocalPersistenceManagerFactoryBean">
<property name="persistenceManagerFactoryName" value="transactions-optional"/>
</bean>
<!-- Form Validator -->
</beans>
问题答案:
最后解决!
安全消息的Bean显然必须在applicationContext-security.xml中声明,
而不是在应用程序上下文xml配置中声明…我在手册中的任何地方都找不到!
就我而言,正确的解决方案是applicationContext-security.xml中的bean:
<b:bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<b:property name="basenames">
<b:value>secMessages</b:value>
</b:property>
</b:bean>
感谢 @bluefoot 和 @jtoberon 的一些想法。
更新:* 为了正常工作,web.xml必须在 springSecurityFilterChain 之前包含
localizationFilter ,我的web.xml是: *
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<!-- The definition of the Root Spring Container shared by all Servlets and Filters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/applicationContext-security.xml</param-value>
</context-param>
<!-- i18n -->
<filter>
<filter-name>localizationFilter</filter-name>
<filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- i18n -->
<filter-mapping>
<filter-name>localizationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Processes application requests -->
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
在i18n注释后检查行。
