春天4.2.1是一个限制类

Question

如果我从春天4.1.7.RELEASE移动到4.2.1.RELEASE谷歌应用程序引擎提出了java.lang.NoClassDefFoundError

当春季安全抛出AccessDeniedException（AffirmativeBased.java:83）

我知道我无权访问请求的资源。我期待春天之后，但由于春季4.2它不工作:(

[INFO] java.lang.NoClassDefFoundError: java.util.ResourceBundle$Control is a restricted class. Please see the Google App Engine developer's guide for more details. 
[INFO] at com.google.appengine.tools.development.agent.runtime.Runtime.reject(Runtime.java:52) 
[INFO] at org.springframework.context.support.ResourceBundleMessageSource$MessageSourceControl.<init>(ResourceBundleMessageSource.java:417) 
[INFO] at org.springframework.context.support.ResourceBundleMessageSource$MessageSourceControl.<init>(ResourceBundleMessageSource.java:417) 
[INFO] at org.springframework.context.support.ResourceBundleMessageSource.doGetBundle(ResourceBundleMessageSource.java:314) 
[INFO] at org.springframework.context.support.ResourceBundleMessageSource.getResourceBundle(ResourceBundleMessageSource.java:284) 
[INFO] at org.springframework.context.support.ResourceBundleMessageSource.resolveCodeWithoutArguments(ResourceBundleMessageSource.java:234) 
[INFO] at org.springframework.context.support.AbstractMessageSource.getMessageInternal(AbstractMessageSource.java:218) 
[INFO] at org.springframework.context.support.AbstractMessageSource.getMessage(AbstractMessageSource.java:136) 
[INFO] at org.springframework.context.support.MessageSourceAccessor.getMessage(MessageSourceAccessor.java:83) 
[INFO] at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83) 
[INFO] at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:232) 
[INFO] at org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor.invoke(AspectJMethodSecurityInterceptor.java:43) 
[INFO] at org.springframework.security.access.intercept.aspectj.aspect.AnnotationSecurityAspect.ajc$around$org_springframework_security_access_intercept_aspectj_aspect_AnnotationSecurityAspect$1$c4d57a2b(AnnotationSecurityAspect.aj:63) 
[INFO] at xx.xxx.controllers.PortalController.home(PortalController.java:51) 

Answer 1

要在GAE运行春季4.2.1和使用全局方法安全，我不得不消息源设置的StaticMessageSource而不是ResourceBundleMessageSource会显示登录页面这造成的问题。不幸的是，宣布为messageSource豆不仅是一两件事，有许多工作要做。这是这里使用的是由法GlobalMethodSecurityConfiguration.accessDecisionManager（创建）和

@Bean(name = "messageSource") 
    public MessageSource messageSource() { 
    StaticMessageSource messageSource = new StaticMessageSource(); 
    return messageSource; 
    } 

AffirmativeBased访问决策管理不是春bean所以setMessageSource（）方法没有执行，所以它不是MessageSourceAware。该解决方案是手动设置此为messageSource：

@Configuration 
@EnableGlobalMethodSecurity 
public class MethodSecurityConfiguration extends GlobalMethodSecurityConfiguration { 

    @Inject 
    private MessageSource messageSource; 

    @Override 
    protected AccessDecisionManager accessDecisionManager() { 
    AffirmativeBased manager = (AffirmativeBased)super.accessDecisionManager(); 
    manager.setMessageSource(messageSource); 
    return manager; 
    } 
} 

Answer 2

有点反复试验后，下面似乎为我工作确定：

1. 将邮件文件到WEB-INF。

2. 更新Spring配置使用ReloadableResourceBundleMessageSource而不是ResourceBundleMessageSource，例如，在XML

   <豆ID = "为messageSource " 类= " org.springframework.context.support.ReloadableResourceBundleMessageSource " > <属性名= "基名" 值= "/WEB-INF/I18N /消息"/> < /豆>