gpt4 book ai didi

java - 使用 XML 配置的 Spring Social 和 Spring Security

转载 作者:塔克拉玛干 更新时间:2023-11-02 07:44:35 25 4
gpt4 key购买 nike

我正在尝试将 Spring Social 引入到现有的 Spring Security 网络应用程序中。现有的网络应用程序使用 XML 配置,即:

<security:http  
disable-url-rewriting="true"
use-expressions="true"
xmlns="http://www.springframework.org/schema/security">
...
<intercept-url
pattern="/w/configuration/**"
access="hasRole ('ROLE_ADMIN')"/>
...
<form-login
login-page="/w/welcome"
authentication-success-handler-ref="authSuccessHandler"
authentication-failure-handler-ref="authFailureHandler"/>
<logout logout-success-url="/w/welcome"/>
</security:http>

如何将 SpringSocialConfigurer() 添加到配置中? Spring Social 上的所有文档都使用我想避免的基于 Java 的配置,例如:

@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.formLogin()
.loginPage("/signin")
.loginProcessingUrl("/signin/authenticate")
.failureUrl("/signin?param.error=bad_credentials")
.and()
.logout()
.logoutUrl("/signout")
.deleteCookies("JSESSIONID")
.and()
.apply(new SpringSocialConfigurer());
}

apply() 方法的 XML 等价物是什么?

最佳答案

在花一些时间查看 SpringSocialConfigurer 的代码后,这里是有些等效的 XML 配置的作用:

<security:http  
disable-url-rewriting="true"
use-expressions="true"
xmlns="http://www.springframework.org/schema/security">
...
<intercept-url
pattern="/w/configuration/**"
access="hasRole ('ROLE_ADMIN')"/>
...
<form-login
login-page="/w/welcome"
authentication-success-handler-ref="authSuccessHandler"
authentication-failure-handler-ref="authFailureHandler"/>
<logout logout-success-url="/w/welcome"/>

<!-- Add a custom filter to handle Social media logins -->
<custom-filter before="PRE_AUTH_FILTER" ref="socialAuthFilter"/>
</security:http>

<security:authentication-manager
id="authenticationManager"
xmlns="http://www.springframework.org/schema/security">
<!-- Social Media sites as authentication provider -->
<authentication-provider ref="socialAuthProvider"/>
</security:authentication-manager>

<!--
Define the framework required for using Social Media sites
as Authentication Providers.
-->
<bean id="connectionFactoryLocator"
class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
<property name="connectionFactories">
<list>
<bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
<constructor-arg value="${social.facebook.appId}" />
<constructor-arg value="${social.facebook.appSecret}" />
</bean>
</list>
</property>
</bean>
<bean id="socialUsersConxRepo"
class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository">
<constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialUserIdSource"
class="org.springframework.social.security.AuthenticationNameUserIdSource"/>
<bean id="socialAuthFilter"
class="org.springframework.social.security.SocialAuthenticationFilter">
<constructor-arg ref="authenticationManager"/>
<constructor-arg ref="socialUserIdSource"/>
<constructor-arg ref="socialUsersConxRepo"/>
<constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialAuthProvider"
class="org.springframework.social.security.SocialAuthenticationProvider">
<constructor-arg ref="socialUsersConxRepo"/>

<!-- application defined @Service -->
<constructor-arg ref="socialGamerManager"/>
</bean>

应用程序程序员应该编写自己的“socialGamerManager”bean,该 bean 必须实现 org.springframework.social.security.SocialUserDetailsS​​ervice。 “socialUsersConxRepo”bean 可能会更改为使用 JDBC 实现。

关于java - 使用 XML 配置的 Spring Social 和 Spring Security,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29872674/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com