stackoom
  简体   繁体   中英

Spring security configuration to java configuration

 原文  2014-07-11 13:31:00       java/ spring/ spring-security

Question

I am trying with no luck to translate this configuration to java config I have all the classes ready but i just can figure it out Please help 

<bean id="passwordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
    <constructor-arg value="ThisIsASecretSoChangeMe" />
</bean>

<security:authentication-manager id="authenticationManager">
    <security:authentication-provider user-service-ref="userDao">
        <security:password-encoder ref="passwordEncoder"></security:password-encoder>
    </security:authentication-provider>
</security:authentication-manager>

<security:http
        realm="Protected API"
        use-expressions="true"
        auto-config="false"
        create-session="stateless"
        entry-point-ref="unauthorizedEntryPoint"
        authentication-manager-ref="authenticationManager">
    <security:custom-filter ref="authenticationTokenProcessingFilter" position="FORM_LOGIN_FILTER" />
    <security:intercept-url pattern="/rest/user/authenticate" access="permitAll" />
    <security:intercept-url method="GET" pattern="/rest/news/**" access="hasRole('user')" />
    <security:intercept-url method="PUT" pattern="/rest/news/**" access="hasRole('admin')" />
    <security:intercept-url method="POST" pattern="/rest/news/**" access="hasRole('admin')" />
    <security:intercept-url method="DELETE" pattern="/rest/news/**" access="hasRole('admin')" />
</security:http>

<bean id="unauthorizedEntryPoint" class="net.dontdrinkandroot.example.angularrestspringsecurity.rest.UnauthorizedEntryPoint" />

<bean class="net.dontdrinkandroot.example.angularrestspringsecurity.rest.AuthenticationTokenProcessingFilter" id="authenticationTokenProcessingFilter">
    <constructor-arg ref="userDao" />
</bean>

1 answers

solution1
 0  2014-09-19 19:05:20

This appears to have been addressed in this post Spring: Annotation equivalent of security:authentication-manager and security:global-method-security

I have left mine in xml form for the moment. I stripped everything but the security config from the rest-services-config.xml then imported it to my new configWebXml class like this: 

@Configuration
@ComponentScan
@EnableAutoConfiguration
@ImportResource("classpath:rest-services-config.xml")
public class ConfigWebXml extends SpringBootServletInitializer {
   @Override
    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
        return application.sources(Application.class);
    }

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}

Until I did this, the security context would not be cleared. After a successful login, it would never go back and validate the token. This allowed me to convert to a full annotation based springboot app with the exception of spring security.

Hope this helps.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring Security Java configuration Spring Security (Java Configuration) problems Spring MVC + Security with Java Configuration auth Spring security java configuration Spring Security java configuration confusion spring security 3.2 java configuration Converting XML configuration to java configuration in spring security for global method security Spring Security XML configuration and Spring SAML in Java configuration BcryptEncoder configuration in Spring Security Configuration spring security 4.0.0 java configuration with no xml
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM