Beans.NotReadablePropertyException in spring security

I am very new to spring security. I took this book and tried to execute the code.

While I do this, I get

org.springframework.beans.NotReadablePropertyException: Invalid property
'principal.username' of bean class 
[org.springframework.security.authentication.AnonymousAuthenticationToken]: 
Bean property 'principal.username' is not readable or has an invalid getter 
method: 
Does the return type of the getter match the parameter type of the setter?

My spring-security xml config:

<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/login.do" access="permitAll"/>
    <intercept-url pattern="/*" access="hasRole('ROLE_USER')"/>
    <form-login login-page="/login.do"/>
</http>


<authentication-manager alias="authenticationManager">

    <authentication-provider>
        <user-service id="userService">
            <user authorities="ROLE_USER" name="guest" password="guest"/>
        </user-service>
    </authentication-provider>
    <!-- Ch 3 Change Password Service -->
    <!-- 
    <authentication-provider user-service-ref="userService"/>
     -->
</authentication-manager>

Did I miss something?

Let me know if you need more information.

+5
3 answers

It seems that the error message indicates that something is trying to access a nonexistent property on AnonymousAuthenticationToken; i.e., the authentication token that spring uses when the session is not logged in.

, , JSP, spring.

. , , .

( , , AnonymousAuthenticationToken principal, , username. , .)

+9
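
Added example, not part of the original answers or the book's code: for an anonymous session the principal is the plain String "anonymousUser", so there is no username property to read, while a logged-in session normally carries a UserDetails principal. The class name DisplayName, the resolve helper and the sample tokens are hypothetical and constructed for illustration; the Spring Security types are the library's own.

```java
import java.util.List;

import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;

// Hypothetical helper class (not from the book or from Spring Security itself).
public class DisplayName {

    /** Returns the logged-in user's name, or null when nobody is logged in. */
    static String resolve(Authentication auth) {
        // AnonymousAuthenticationToken reports isAuthenticated() == true,
        // so it has to be excluded explicitly.
        if (auth == null || !auth.isAuthenticated()
                || auth instanceof AnonymousAuthenticationToken) {
            return null; // anonymous session: the principal is only a String
        }
        Object principal = auth.getPrincipal();
        if (principal instanceof UserDetails) {
            return ((UserDetails) principal).getUsername();
        }
        return auth.getName(); // fallback for other principal types
    }

    public static void main(String[] args) {
        // Constructed sample tokens; in a web application the current one comes
        // from SecurityContextHolder.getContext().getAuthentication().
        List<GrantedAuthority> anonRole =
                AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS");
        Authentication anonymous =
                new AnonymousAuthenticationToken("sample-key", "anonymousUser", anonRole);

        List<GrantedAuthority> userRole =
                AuthorityUtils.createAuthorityList("ROLE_USER");
        UserDetails guest = new User("guest", "guest", userRole);
        Authentication loggedIn =
                new UsernamePasswordAuthenticationToken(guest, null, userRole);

        System.out.println("anonymous principal type: "
                + anonymous.getPrincipal().getClass().getName());
        System.out.println("anonymous display name:   " + resolve(anonymous));
        System.out.println("logged-in display name:   " + resolve(loggedIn));
    }
}
```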

/ "Spring Security 3". header.jsp. , main.username , .

<div class="username">
    Welcome, 
    <sec:authorize access="isAuthenticated()">  
        <strong><sec:authentication property="principal.username"/></strong>
    </sec:authorize>
</div>
+8

:

  • spring taglib jsp, ,

    <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
    
  • spring ,

    <sec:authentication property="principal" />
    

    in jsp where you want to show username

The following will appear:

  • anonymousUser means the user is not logged in
  • a string representation of the object means that the user is logged in

But do not print the string representation of the object on the page.

Here's the pseudo code:

if principal==anonymousUser
    show login button
else (do not use principal here too)
    show username with logout button
0