堆栈内存溢出
  简体   繁体   English

将Spring Annotations与XML Config混合用于Spring Web Security

[英]Mixing Spring Annotations with XML Config for Spring Web Security

 原文  2018-10-11 17:10:10       java/ xml/ spring/ spring-security/ annotations

问题描述

TL;DR TL; DR
Is there a way to mix Spring Web Security configuration with both annotations and xml? 有没有办法将Spring Web Security配置与注释和xml混合使用?

Full Story 全文
For our legacy spring web application we are looking into using annotation driven configuration for part of our web security. 对于我们的传统Spring Web应用程序,我们正在研究如何使用注释驱动配置来实现Web安全性的一部分。

Currently all our web security ( <security:http> ) is driven by xml based configuration. 目前,我们所有的Web安全性( <security:http> )都是由基于xml的配置驱动的。 But we are adding a new login mechanism (SAML 2.0) that seems like it would be much easier to configure via annotations than xml. 但我们正在添加一种新的登录机制(SAML 2.0),似乎通过注释比xml更容易配置。

We have been attempting to mix the use of annotations and xml, but it seems as though only one or the other works. 我们一直试图混合使用注释和xml,但似乎只有一个或另一个工作。 Meaning that when any xml based web security is referenced, either via an xml ( <import resource="classpath:web-security.xml"/> or via the @ImportResource annotation, the annotation based web security is ignored. 这意味着当通过xml( <import resource="classpath:web-security.xml"/>或通过@ImportResource注释)引用任何基于xml的Web安全性时,将忽略基于注释的Web安全性。

If we remove references to the xml based configuration our annotation configuration gets called. 如果我们删除对基于xml的配置的引用,则会调用我们的注释配置。

Any friendly suggestions or advice is appreciated. 任何友好的建议或建议表示赞赏。

1 个解决方案

解决方案1
 2 已采纳  2018-10-17 20:11:01

Mixing the Spring Web Security XML and annotation configurations would mean that that the same bean instance, viz., security:http is being configured via XML as well as JavaConfig. 混合Spring Web Security XML和注释配置意味着通过XML和JavaConfig配置相同的 bean实例,即security:http It would be configured with some intercept URL patterns using XML and some other Ant matchers using JavaConfig. 它将使用XML和一些其他使用JavaConfig的Ant匹配器配置一些拦截URL模式。 But please note that intercept URL patterns are always evaluated in the order they are defined and also the matchers are considered in order . 但请注意,拦截URL 模式始终按其定义的顺序进行评估,并且还会按顺序考虑匹配器 So, Spring Security only considers the XML configurations and ignores the JavaConfig ones as, if it considers both, it won't have any sense of order of URL definitions . 因此,Spring Security仅考虑XML配置并忽略JavaConfig,因为如果它同时考虑到两者, 它将不会对URL定义有任何顺序感 I couldn't find any documentation that directly supports this theory. 我找不到任何直接支持这一理论的文档。 If you share the Spring Boot log statements that are produced when the application boots up, we may get a better view of what Spring Boot is doing. 如果您共享应用程序启动时生成的Spring Boot日志语句,我们可以更好地了解Spring Boot正在执行的操作。

So, I don't think that you can mix Spring Annotations with XML Configuration when configuring Spring Web Security and will advise to migrate legacy XML configurations to JavaConfig. 因此,在配置Spring Web Security时,我认为您不能将Spring Annotations与XML Configuration混合使用,并建议将旧的XML配置迁移到JavaConfig。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 混合Java Config和XML Spring 4 - Mixing Java Config and XML Spring 4 用spring混合xml和java配置 - Mixing xml and java config with spring 混合 Spring Data Annotations - Mixing in Spring Data Annotations spring security config xml to java - spring security config xml to java Spring Security Oauth:从xml迁移到注释 - Spring Security Oauth: migration from xml to annotations 如何使用批注(无xml)配置spring-security? - How to configure spring-security with annotations (no xml)? Spring MVC Controller配置 - 混合注释和XML @PathVariable - Spring MVC Controller configuration - mixing annotations and XML @PathVariable Junit - 通过注释加载Spring XML配置 - Junit - loading Spring XML config through annotations 在Spring中混合使用web.xml和AbstractAnnotationConfigDispatcherServletInitializer - Mixing web.xml and AbstractAnnotationConfigDispatcherServletInitializer in Spring Spring Security XML配置与Java配置 - Spring Security XML Config Vs Java Config
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM