Spring Security-多个身份验证提供者
[英]Spring Security - multiple authentication-providers
问题描述
My web app has multiple authentication managers (one for API one for WEB access). 
我的Web应用程序有多个身份验证管理器(一个用于API,一个用于WEB访问)。 The api should have a basic auth service only - configured via the spring security markup as seen below: 该api应该仅具有基本的身份验证服务-通过spring安全标记进行配置,如下所示:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:authentication-manager alias="apiAuthenticationManager">
<security:authentication-provider ref="apiAuthenticationProvider" />
</security:authentication-manager>
<security:authentication-provider >
<security:user-service>
<security:user name="apiadmin" password="password" authorities="ROLE_API_ADMIN" />
<security:user name="apiuser" password="otherpassword" authorities="ROLE_API_USER" />
</security:user-service>
</security:authentication-provider>
...
i can not inline the authentication-provider since i want it to be overrideable by child-bean configs. 我不能内联身份验证提供程序,因为我希望它可以被子bean配置覆盖。
my problem is that i can not define an alias/id on the security:authentication-provider element to reference it in the authentication-manager. 我的问题是我无法在security:authentication-provider元素上定义别名/ id以在身份验证管理器中引用它。 Is there an easy workaround for this? 有一个简单的解决方法吗?
Solution: 解:
i finally figured out how to do it using the namespace-way without diving into plain bean config :) 我终于想出了如何使用命名空间的方式来做到这一点,而无需深入研究纯bean的配置:)
<security:user-service id="apiUserDetailsService">
<security:user name="apiadmin" password="password" authorities="ROLE_API_ADMIN" />
<security:user name="apiuser" password="otherpassword" authorities="ROLE_API_USER" />
</security:user-service>
<security:authentication-manager alias="apiAuthenticationManager">
<security:authentication-provider user-service-ref="apiUserDetailsService"/>
</security:authentication-manager>
2 个解决方案
解决方案1
4 已采纳 2012-01-25 09:04:46
Please keep in mind that this Spring Security XML namespace is just a neat way of organizing your XML. 请记住,这个Spring Security XML名称空间只是组织XML的一种巧妙方法。 You could achieve exactly the same solution with plain <bean> config. 您可以使用普通的<bean>配置实现完全相同的解决方案。 That way you will be able to use ID, as usual. 这样,您将可以照常使用ID。 This blog post might be helpful for you. 这篇博客文章可能对您有所帮助。
解决方案2
0 2012-01-25 09:10:44
In namespace the name can be add it in the java with the @Service("userDetailsService") with a name. 在名称空间中,可以使用带有名称的@Service("userDetailsService")在java添加名称。
You can also define beans and add them to the chain. 您还可以定义bean并将其添加到链中。
<bean id="myFilter" class="a.b.c.myFilter">
<security:custom-filter before="BASIC_PROCESSING_FILTER" />
<property name="authenticationManager" ref="_authenticationManager" />
</bean>
<bean id="myProvider" class="a.b.c.myProvider">
<security:custom-authentication-provider />
<property name="userDetailsService" ref="userDetailsService" />
</bean>
<security:http>
[...]
</security:http>
the _authenticationManager is the name of the bean that is registered in namespace. _authenticationManager是在名称空间中注册的bean的名称。
This would be executed before the basic auth. 这将在基本身份验证之前执行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.