gpt4 book ai didi

security - 如何在Spring Security 3中为匿名用户从数据库加载角色?

转载 作者:行者123 更新时间:2023-12-02 19:59:06 29 4
gpt4 key购买 nike

我正在使用 Spring Security 3.0.2,但找不到从数据库加载匿名用户角色的方法(我有动态角色,可以将角色分配给每个人)。

我尝试使用自定义的anonymousAuthenticationProvider,但从未调用此提供程序。这是我的配置:

<http auto-config="false">
<logout invalidate-session="true" logout-success-url="/page/welcome" />
<remember-me />
<anonymous username="_GUEST_" granted-authority="ROLE_GUEST" key="anonymousKey" />
<form-login login-page="/page/login" authentication-failure-url="/page/login?fail=1" default-target-url="/page/welcome" />
</http>

<authentication-manager alias="authenticationManager">
<authentication-provider ref="anonymousAuthenticationProvider"></authentication-provider>
<authentication-provider user-service-ref="accountDetails">
<password-encoder ref="passwordEncoder">
<salt-source user-property="xxxx" />
</password-encoder>
</authentication-provider>
</authentication-manager>

<beans:bean id="accountDetails" class="com.mysite.AccountDetailsImpl" />

<beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<beans:constructor-arg value="512" />
</beans:bean>

<beans:bean id="anonymousAuthenticationProvider" class="com.my.site.security.CustomAnonymousAuthenticationProvider">
<beans:property name="key" value="anonymousKey" />
</beans:bean>

我的匿名身份验证提供程序从未被调用,因此我无法从数据库加载自定义权限。当我登录时,我的服务 accountDetails 被调用,我可以从数据库中为用户加载角色,我希望匿名用户也能做同样的事情。

我该怎么做?谢谢

最佳答案

实现它的最简单方法似乎是使用自定义 UserAttribute 声明一个 AnonymousAuthenticationFilter,这将生成所需的权限:

<http auto-config = "false">
<anonymous enabled = "false" />
<custom-filter ref = "myFilter" position = "ANONYMOUS_FILTER" />
...
</http>

<beans:bean id = "myFilter" class = "org.springframework.security.web.authentication.AnonymousAuthenticationFilter">
<beans:property name = "key" value = "anonymousKey" />
<beans:property name = "userAttribute" ref = "myAttributes" />
</beans:bean>

<beans:bean id = "myAttributes" class = "..." />

关于security - 如何在Spring Security 3中为匿名用户从数据库加载角色?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/2370200/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com