Spring集成中的安全模型
[英]Security Model in Spring-Integration
问题描述
Please help me understand, how security is implemented in Spring-integration. 
请帮助我理解Spring集成中如何实现安全性。 Is it like if flow is suppose JMS Queue-> Spring-integration -> Webservice, then 2 channels in spring-integration one for JMS and other for WS would connect. 如果流程是假设JMS队列 - > Spring-integration - > Webservice,那么Spring中的2个通道一个用于JMS,另一个用于WS用于连接。 So is it like these channels would provide some authentication token kind of details to endpoints(JMS and WS) and perform routing. 因此,这些通道会向端点(JMS和WS)提供一些身份验证令牌类型的细节并执行路由。 Please share if any helpful information on security in spring-integration 如果有任何关于弹簧集成安全性的有用信息,请分享
Thanks 谢谢
1 个解决方案
解决方案1
2 2013-07-13 15:03:59
Spring Integration can be seamless in regards to security (for example, passing any received token from JMS to WS if it's set as a header). Spring集成在安全性方面可以是无缝的(例如,如果将任何接收到的令牌设置为WS,则将其从JMS传递给WS)。 Alternatively, it can enforce Spring Security at the channel level, meaning that you cannot pass a message on a channel (and it's downstream service) unless the request is authorized. 或者,它可以在通道级强制执行Spring Security,这意味着除非请求被授权,否则您无法在通道(以及它的下游服务)上传递消息。
Another option is that the Spring Security Context can be serialized, allowing the whole authentication object to be serialized and passed over JMS, then deserialized and used as the Security Context in Spring Integration for invoking the WS. 另一种选择是可以序列化Spring Security Context,允许整个身份验证对象被序列化并通过JMS传递,然后反序列化并用作Spring Integration中的安全上下文来调用WS。
Have a look at Appendix C in the Spring Integration documents. 请参阅Spring Integration文档中的附录C.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.