Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring Security - No visible WebSecurityExpressionHandler instance could be found in the application context

Tags:

I am having trouble displaying a logout link in a JSP page only if the user is authenticated. Here is the exception I have at this line of the JSP page:

<sec:authorize access="isAuthenticated()">

Exception:

Stacktrace: ....  root cause  javax.servlet.jsp.JspException: No visible WebSecurityExpressionHandler instance could be found in the application context. There must be at least one in order to support expressions in JSP 'authorize' tags.     org.springframework.security.taglibs.authz.AuthorizeTag.getExpressionHandler(AuthorizeTag.java:100)     org.springframework.security.taglibs.authz.AuthorizeTag.authorizeUsingAccessExpression(AuthorizeTag.java:58)

Here is my application-context-Security.xml:

<http auto-config='true' >     <intercept-url pattern="/user/**" access="ROLE_User" />     <logout logout-success-url="/hello.htm" /> </http>  <beans:bean id="daoAuthenticationProvider"     class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">     <beans:property name="userDetailsService" ref="userDetailsService" /> </beans:bean>  <beans:bean id="authenticationManager"     class="org.springframework.security.authentication.ProviderManager">     <beans:property name="providers">         <beans:list>             <beans:ref local="daoAuthenticationProvider" />         </beans:list>     </beans:property> </beans:bean>  <authentication-manager>     <authentication-provider user-service-ref="userDetailsService">         <password-encoder hash="plaintext" />     </authentication-provider> </authentication-manager>

I understand that I could use use-expression="true" in the http tag but that means I would have to use expression in the intercept-url tags and in the java code. Is there a workaround?

like image 889
dukable Avatar asked Jul 21 '12 16:07

dukable

1 Answers

You can just add one to your application context

<bean id="webexpressionHandler" class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler" />

but the easiest way is just to enable expressions in your <http> configuration, and one will be added for you. This only means that you have to use expressions within that block, not in Java code such as method @Secured annotations.

like image 194
Shaun the Sheep Avatar answered Sep 28 '22 04:09

Shaun the Sheep
Sign in to Comment

Related questions

Fatal error: Call to undefined method mysqli_result::fetch_all()
How do i know if connection is alive with websockets?
Mongo conditional for "key doesn't exist"?
EntityFramework - Entity proxy error
How do I make a deep copy of a knockout object that was created by the mapping plugin
Xcopy Command excluding files and folders [duplicate]
What is the equivalence for QString::arg() in QML
Creating slow scrolling to indexPath in UICollectionView
Figure out if a table has a DELETE on CASCADE
complete styles for cross browser CSS zoom
Static map initialization
TPL Dataflow, how to forward items to only one specific target block among many linked target blocks?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!