[英]siteminder sso and spring security testing
I am making a Java portal application that will be accessed via a Siteminder single sign on. 我正在制作一个Java门户应用程序,可以通过Siteminder单点登录对其进行访问。
I have the application currently rejecting any requests without the SM_USERID using the following beans: 我的应用程序当前使用以下bean拒绝没有SM_USERID的任何请求:
<bean id="siteminderFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter">
<property name="principalRequestHeader" value="SM_USERID"/>
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService">
<bean id="userDetailsServiceWrapper" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<property name="userDetailsService" ref="ssoUserDetailsService"/>
</bean>
</property>
</bean>
My SSOUserDetailsService finds a user based on the SM_USERID header and returns it as a spring User. 我的SSOUserDetailsService根据SM_USERID标头找到一个用户,并将其作为spring User返回。
My problem is that I cannot make this work locally. 我的问题是我无法在本地进行此工作。 It would need to be deployed so I can get the Siteminder header.
需要部署它,以便我可以获取Siteminder标头。
Is there any workaround to be able to submit a local test user's username in a mock Siteminder header to my Siteminder filter? 有什么解决方法可以在模拟Siteminder标头中向我的Siteminder过滤器提交本地测试用户的用户名?
I was thinking of a page with each user as a button. 我当时正在考虑将每个用户作为按钮的页面。 Clicking the button would send a request with a SM_USER header.
单击该按钮将发送带有SM_USER标头的请求。
The problem with that is the filter doesn't allow access to the site at all without a SM_USER header so I couldn't get to that page! 这样做的问题是,没有SM_USER标头,过滤器根本不允许访问该网站,所以我无法进入该页面!
What do I do? 我该怎么办?
创建一个过滤器,该过滤器在标题中注入属性SM_USERID,并将此过滤器放置在web.xml中的FilterChainProxy声明之前。
尝试使用以下值更新主机文件http://www.xyz.com 127.0.0.1:8080/yourappName
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.