我正在尝试将spring security acl实现到项目中.在构建主配置部分并创建相应的数据库模式之后,我正在尝试创建一些ACE并让魔法发生.但我一遍又一遍地面对这个例外
java.lang.IllegalArgumentException: Transaction must be running
org.springframework.util.Assert.isTrue(Assert.java:65)
org.springframework.security.acls.jdbc.JdbcMutableAclService.createOrRetrieveSidPrimaryKey(JdbcMutableAclService.java:219)
org.springframework.security.acls.jdbc.JdbcMutableAclService$1.setValues(JdbcMutableAclService.java:136)
org.springframework.jdbc.core.JdbcTemplate$4.doInPreparedStatement(JdbcTemplate.java:892)
org.springframework.jdbc.core.JdbcTemplate$4.doInPreparedStatement(JdbcTemplate.java:1)
org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:586)
org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:614)
org.springframework.jdbc.core.JdbcTemplate.batchUpdate(JdbcTemplate.java:883)
org.springframework.security.acls.jdbc.JdbcMutableAclService.createEntries(JdbcMutableAclService.java:123)
org.springframework.security.acls.jdbc.JdbcMutableAclService.updateAcl(JdbcMutableAclService.java:314)
我的基本配置部分
factorybean">
factorybean" />
factorybean">
requiredrequiredrequired
似乎我错过了一些东西,因为事务应该通过TransactionProxy处于活动状态.
以这种方式在控制器中访问服务
...
ObjectIdentity oi = new ObjectIdentityImpl(X.class,vm.hashCode());
Sid sid = new PrincipalSid(userDn);
Permission p = BasePermission.READ;
// Create or update the relevant ACL
MutableAcl acl = null;
try {
acl = (MutableAcl) aclService.readAclById(oi);
} catch (NotFoundException nfe) {
acl = aclService.createAcl(oi);
}
// Now grant some permissions via an access control entry (ACE)
acl.insertAce(acl.getEntries().size(),p,sid,true);
aclService.updateAcl(acl);
...
最佳答案
尝试使用事务模板覆盖调用aclService方法:
TransactionTemplate tt = new TransactionTemplate(transactionManager);
tt.execute(new TransactionCallbackWithoutResult() {
@Override
protected void doInTransactionWithoutResult(TransactionStatus status) {
ObjectIdentity oid = new ObjectId
entityImpl(clazz.getCanonicalName(),securedObject.getId());
// your aclService operation here:
aclService.deleteAcl(oid,true);
}
});