Siteminder SSO和Spring安全性测试

Question

I am making a Java portal application that will be accessed via a Siteminder single sign on.

I have the application currently rejecting any requests without the SM_USERID using the following beans:

<bean id="siteminderFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter">
    <property name="principalRequestHeader" value="SM_USERID"/>
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

<bean id="preauthAuthProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
    <property name="preAuthenticatedUserDetailsService">
        <bean id="userDetailsServiceWrapper"  class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <property name="userDetailsService" ref="ssoUserDetailsService"/>
        </bean>
    </property>
</bean>

My SSOUserDetailsService finds a user based on the SM_USERID header and returns it as a spring User.

My problem is that I cannot make this work locally. It would need to be deployed so I can get the Siteminder header.

Is there any workaround to be able to submit a local test user's username in a mock Siteminder header to my Siteminder filter?

I was thinking of a page with each user as a button. Clicking the button would send a request with a SM_USER header.

The problem with that is the filter doesn't allow access to the site at all without a SM_USER header so I couldn't get to that page!

What do I do?

Answer 1

创建一个过滤器，该过滤器在标题中注入属性SM_USERID，并将此过滤器放置在web.xml中的FilterChainProxy声明之前。

Answer 2

尝试使用以下值更新主机文件http://www.xyz.com 127.0.0.1:8080/yourappName