[英]How can I authenticate a system user for scheduled processes in Spring?
we have a Quartz/Spring Batch job, that for audit logging purposes we'd like to have it "authenticated" as a system user. 我们有一个Quartz / Spring Batch作业,为了审计日志记录,我们希望将它作为系统用户进行“认证”。 Some of our methods rely on fetching the SecurityContext to do this.
我们的一些方法依赖于获取SecurityContext来执行此操作。 The ways of running this job are trusted (or authenticated).
运行此作业的方式是可信的(或经过身份验证)。 We don't want to actually use a password or other token (since the process is basically always spawned by quartz).
我们不想实际使用密码或其他令牌(因为该过程基本上总是由石英生成)。
I tried this 我试过这个
private void authenticate() {
UserDetails admin = userDetailsService.loadUserByUsername( "admin" );
RunAsUserToken token = new RunAsUserToken(
UUID.randomUUID().toString(), admin, admin.getAuthorities(), null , null );
Authentication user = authenticationManager.authenticate( token );
if ( user.isAuthenticated() ) {
SecurityContext sc = new SecurityContextImpl();
sc.setAuthentication( user );
SecurityContextHolder.setContext( sc );
}
}
but it resulted in 但它导致了
org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.access.intercept.RunAsUserToken
and I'm not sure what some of RunAsUserToken parameters do (eg key) or what I should be giving it in regards to Credentials. 而且我不确定一些RunAsUserToken参数是做什么的(例如密钥)或者我应该在Credentials方面提供什么。
How can I authenticate or otherwise set the security context as if it was authenticated as this user? 我如何验证或以其他方式设置安全上下文,就像它被认证为此用户一样?
I'm not sure yet about the RunAsUserToken. 我还不确定RunAsUserToken。 I think it is intended to be used when someone is already authenticated, but the application what to execute something as another user.
我认为它的目的是在某人已经过身份验证时使用,但应用程序将执行某些内容作为另一个用户。
I found an example of using it here . 我在这里找到了一个使用它的例子 。
But, maybe you don't really need that. 但是,也许你真的不需要那样。 If it is the case, you could just do :
如果是这种情况,您可以这样做:
Authentication auth = new UsernamePasswordAuthenticationToken(admin.getUsername(), admin.getPassword(), admin.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
And then admin will be authenticated. 然后管理员将进行身份验证。 Also, you don't need to use
admin.getPassword()
since it won't be checked anyway. 此外,您不需要使用
admin.getPassword()
因为它无论如何都不会被检查。
Note that you don't have to create the security context : it already exists. 请注意,您不必创建安全上下文:它已存在。 I think it is
ThreadLocal
by default. 我认为默认情况下它是
ThreadLocal
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.