堆栈内存溢出
  简体   繁体   English

Spring安全匿名用户和具有弹簧安全性的经过身份验证的用户

[英]spring secuirty anonymous user and authenticated user with spring security

 原文  2013-08-19 05:03:17       java/ spring-mvc

问题描述

Hi am new to spring security. 嗨,我是Spring Security的新手。

i had tried with anonymous user for access the application. 我曾尝试与匿名用户访问该应用程序。 but now i want to implement both anonymous user and authenticated user access the application .can any one help me. 但是现在我想同时实现匿名用户和经过身份验证的用户访问该应用程序。任何人都可以帮助我。

the following security.xml i had used for anonymous users.but now i want to implement anonymous user and authenticated users.(authenticated users sample registered users username and password to checking) 我曾用于匿名用户的以下security.xml,但现在我想实现匿名用户和已认证的用户。(已认证的用户将示例注册用户的用户名和密码进行检查) 

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http pattern="/static/**" security="none" />
    <http pattern="**/static/**" security="none" />
    <http pattern="/w/login*" security="none" />
    <http pattern="/w/about*" security="none" />    
    <http pattern="/w/getInvolved*" security="none" />
    <http pattern="/w/faq*" security="none" />
    <http pattern="/w/feedback*" security="none" />
    <http pattern="/w/contact*" security="none" />
    <http pattern="/w/privacy*" security="none" />
    <http pattern="/w/terms*" security="none" />
    <http auto-config='true' use-expressions="true">

    <form-login login-page='/w/login' />

    <intercept-url pattern="/w/**" access="isAnonymous()"/>
    <intercept-url pattern="/a/**" access="isAnonymous()"/>
    <logout logout-url="/w/logout"  logout-success-url="/w/login" />
  </http>


  <authentication-manager>
     <authentication-provider user-service-ref="twwiUserSQLMapDAO">
        <password-encoder hash="sha"></password-encoder>
    </authentication-provider>
  </authentication-manager>
  </beans:beans>

1 个解决方案

解决方案1
 2  2013-08-19 09:33:58

如果您想授予经过身份验证的匿名用户访问权限,则可以使用permitAll: 

<intercept-url pattern="/login/**" access="permitAll" />

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Spring Security 3检查用户是否通过身份验证 - Spring Security 3 check if user is authenticated Spring 匿名用户的安全和 RequestCache - Spring Security and RequestCache with Anonymous User Spring Secuirty Oauth 2 - 多用户身份验证服务 - Spring Secuirty Oauth 2 - multiple user authentication services Spring Security预认证用户登录 - spring security pre authenticated user login Spring Security - 用户在会话销毁时保持身份验证 - Spring Security - User keeps authenticated on session destroy Spring 安全性:在方法中获取经过身份验证的用户 - Spring security: get Authenticated user in method 当匿名用户尝试经过身份验证的操作时,更改 spring 安全登录重定向 - Change spring security login redirect when anonymous user tries authenticated action 对于经过身份验证且未经过身份验证的用户,Spring Security会在休息服务中获取用户信息 - Spring Security get user info in rest service, for authenticated and not authenticated users 春季4安全访问被拒绝(用户不是匿名的) - Spring 4 Security access denied (user is not anonymous) 使用Spring Security的匿名用户计数 - Anonymous user count using Spring Security
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM