Thymeleaf Security(秒:授权标签)在 Spring 中不起作用

问题描述 投票:0回答:1

我有一个问题:当我实现 thymeleaf 安全性并添加依赖项时,我注意到 sec:authorize 标签甚至不起作用! 我浏览了很多问题,但所有问题都已过时或忘记添加依赖项 本教程非常简单,没有任何额外的类和配置,但也没有帮助:https://www.baeldung.com/spring-security-thymeleaf

我在 github 上的项目:https://github.com/sedub01/CafeBarApplication,我还没有推送新的更改(如果您发现缺少一些文件,我会添加它们) 这是我的 pom.xml 文件

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.1.0</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>sia</groupId>
    <artifactId>CafeBarApplication</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>CafeBarApplication</name>
    <description>Cafe Bar Example</description>
    <properties>
        <java.version>17</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.thymeleaf.extras</groupId>
            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
            <version>3.1.0.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-configuration-processor</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-validation -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-validation</artifactId>
            <version>3.1.0</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-data-jpa -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
            <version>3.1.0</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-security -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <version>3.1.0</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-oauth2-client -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
            <version>3.1.0</version>
        </dependency>
        <dependency>
            <groupId>org.postgresql</groupId>
            <artifactId>postgresql</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <excludes>
                        <exclude>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                        </exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>

</project>

最后但并非最不重要的:我的html代码:

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
    xmlns:sec="http://www.thymeleaf.org/extras/spring-security">

<head>
    <title>Cafe Bar</title>
</head>

<body>
    <h3 th:text="'Welcome' + (${fullname} ? ', ' + ${fullname} + '!' : '')" />
    <img th:src="@{/images/cafeIcon.png}" />
    <!-- TODO think about placing in header -->
    <form method="POST" th:action="@{/logout}">
        <input type="submit" value="Logout" />
    </form>
    <div sec:authorize="!isAuthenticated()">
        This content is only shown to unauthenticated users.
    </div>
    <div sec:authorize="isAuthenticated()">
        This content is only shown to authenticated users.
    </div>
    <div sec:authorize="hasRole('ROLE_ADMIN')">
        This content is only shown to administrators.
    </div>
    <div sec:authorize="hasRole('ROLE_USER')">
        This content is only shown to users.
    </div>
</body>

</html>

实际结果(我以USER身份登录,但每个div都显示):

spring-security thymeleaf spring-thymeleaf
1个回答
1
投票

当您使用 spring-boot 版本 3.1.0 时,它使用 spring 6.0.9 版本。但是您使用的库

thymeleaf-extras-springsecurity5
正在使用spring版本5.x,因此它不会按预期工作。

请使用 

thymeleaf-extras-springsecurity6
库。

<dependency>
  <groupId>org.thymeleaf.extras</groupId>
  <artifactId>thymeleaf-extras-springsecurity6</artifactId>
  <version>3.1.0.RELEASE</version>
</dependency>
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.