spring security 动态管理IP（hasIpAddress）限制爆出错误UnsupportedOperationException

spring security 动态管理IP（hasIpAddress）限制爆出异常UnsupportedOperationException

org.apache.jasper.JasperException: java.lang.UnsupportedOperationExceptionorg.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:541)org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:435)org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)javax.servlet.http.HttpServlet.service(HttpServlet.java:803)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:99)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:119)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:109)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)com.mawujun.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:124)root causejava.lang.UnsupportedOperationExceptionorg.springframework.security.web.access.DummyRequest.getRemoteAddr(DefaultWebInvocationPrivilegeEvaluator.java:359)org.springframework.security.web.util.IpAddressMatcher.matches(IpAddressMatcher.java:40)org.springframework.security.web.access.expression.WebSecurityExpressionRoot.hasIpAddress(WebSecurityExpressionRoot.java:33)sun.reflect.GeneratedMethodAccessor35.invoke(Unknown Source)sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)java.lang.reflect.Method.invoke(Method.java:597)org.springframework.expression.spel.support.ReflectiveMethodExecutor.execute(ReflectiveMethodExecutor.java:58)org.springframework.expression.spel.ast.MethodReference.getValueInternal(MethodReference.java:76)org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:102)org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:97)org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean(ExpressionUtils.java:11)com.mawujun.util.security.CustomWebExpressionVoter.vote(CustomWebExpressionVoter.java:49)org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:50)org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator.isAllowed(DefaultWebInvocationPrivilegeEvaluator.java:137)org.springframework.security.taglibs.authz.AuthorizeTag.authorizeUsingUrlCheck(AuthorizeTag.java:78)org.springframework.security.taglibs.authz.AuthorizeTag.doStartTag(AuthorizeTag.java:50)org.apache.jsp.permission.accountManager_jsp._jspx_meth_sec_005fauthorize_005f0(accountManager_jsp.java:1049)org.apache.jsp.permission.accountManager_jsp._jspService(accountManager_jsp.java:321)org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)javax.servlet.http.HttpServlet.service(HttpServlet.java:803)org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393)org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)javax.servlet.http.HttpServlet.service(HttpServlet.java:803)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:99)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:119)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:109)org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)com.mawujun.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:124)

?

?

原因：是因为在页面上使用了spring security的标签，该标签使用DefaultWebInvocationPrivilegeEvaluator进行判断，要在自己定义的CustomWebExpressionVoter排除这种情况