错误4904---[nio-8080-exec-1]org.thymelaf.TemplateEngine
:[ThyELEAF][http-nio-8080-Executi-1]异常处理模板"index":分析模板时出错(template:"class路径资源[templates/index.html]")org.thimeleaf.exceptions.TemplateInput异常:发生错误在模板分析期间(template:"类路径资源[templates/index.html]")org.thymelaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplate Parser.java:241)~[thymelaf-3.0.11.REASE.jar:3.0.11.REALSE]org.thymelaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplate Parser.java:100)~[thymelaf-3.0.11.REASE.jar:3.0.11.REALSE]org.thymelaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)~[thymelaf-3.0.11.REASE.jar:3.0.11.REALSE]org.thymelaf.TemplateEngine.process(TemplateEngine.java:1098)[thymeeaf-3.0.11.发布。jar:3.0.11.发布]org.thymelaf.TemplateEngine.process(TemplateEngine.java:1072)[thymeeaf-3.0.11.发布。jar:3.0.11.发布]org.thymelaf.spring5.view.ThymeleafView.renderFragment(ThymelafView.java:362)[thymelaf-spring5-3.0.11.REASE.jar:3.0.11.REASE]org.thymelaf.spring5.view.ThymeleafView.render(ThymelafView.java:189)[thymelaf-spring5-3.0.11.REASE.jar:3.0.11.REASE]org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1370)[spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELENSE]org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1116)[spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELENSE]org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1055)[spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELENSE]org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)[spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELENSE]org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)[spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELENSE]org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:897)[spring-webmvc-5.1.3.RELEASE.jar:5.1.3.RELEASE]
由以下原因引起:org.attoparser.ParseException:评估异常SpringEL表达式:"#authorization.expression('isAuthenticated()')和#authorization.expression('hasAuthority('USER')')"(模板:"碎片/导航条"-第8行,第15列)
Pom.xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
<version>3.0.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
当我尝试检查权限时,问题来自这里
<html lang="en" xmlns="w3.org/1999/xhtml" xmlns:th="thymeleaf.org">
<th:block th:fragment="navbar">
<th:block if:sec:authorize="isAnonymous()">
<th:block th:replace="fragments/navbar-guest"></th:block>
</th:block>
<th:block th:if="${#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''USER'')')}">
<th:block th:replace="fragments/navbar-user"></th:block>
</th:block>
<th:block th:if="${#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''ADMIN'')')}">
<th:block th:replace="fragments/navbar-admin"></th:block>
</th:block>
<th:block th:if="${#authorization.expression('isAuthenticated()') and #authorization.expression('hasAuthority(''MODERATOR'')')}">
<th:block th:replace="fragments/navbar-user"></th:block>
</th:block>
</th:block>
确保您在pom.xml 中thymelaf-extras-springsecurity4
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency>
以及thymelaf页面中html模板中的xmlns:sec。
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
如果您在如下模型中通过授权-
在控制器上设置参数
request.setAttribute("authorization", authorizationObject);
在前端使用与相同的内容
<th:block th:if="${authorization.isAuthenticated() && authorization.hasAuthority('USER')}">
<th:block th:replace="fragments/navbar-user"></th:block>
</th:block>
希望它会有所帮助,谢谢
我添加了拦截器,它在每次请求时都会发送角色
modelAndView.addObject("authorization", SecurityContextHolder.getContext().getAuthentication().getAuthorities().stream().findFirst().get().toString());
在HTML中,我使用<th:block th:if="${authorization=='USER'}">
<th:block th:replace="fragments/navbar-user"></th:block>
</th:block>进行检查
现在一切正常!