Java 使用XML配置的Spring社交和Spring安全_Java_Spring Social

Java 使用XML配置的Spring社交和Spring安全

java

Java 使用XML配置的Spring社交和Spring安全,java,spring-social,Java,Spring Social,我正在尝试将SpringSocial引入一个现有的web应用程序，该应用程序支持SpringSecurity。现有web应用程序使用XML配置，即： <security:http disable-url-rewriting="true" use-expressions="true" xmlns="http://www.springframework.org/schema/security"> ... <intercept-url

我正在尝试将SpringSocial引入一个现有的web应用程序，该应用程序支持SpringSecurity。现有web应用程序使用XML配置，即：

<security:http  
    disable-url-rewriting="true"
    use-expressions="true"
    xmlns="http://www.springframework.org/schema/security">
    ...
    <intercept-url
        pattern="/w/configuration/**"
        access="hasRole ('ROLE_ADMIN')"/>
    ...
    <form-login
        login-page="/w/welcome"
        authentication-success-handler-ref="authSuccessHandler"
        authentication-failure-handler-ref="authFailureHandler"/>
    <logout logout-success-url="/w/welcome"/>
</security:http>

apply（）方法的XML等价物是什么？

花了一些时间查看SpringSocialConfigure的代码后，以下是它的XML等价物配置：

<security:http  
    disable-url-rewriting="true"
    use-expressions="true"
    xmlns="http://www.springframework.org/schema/security">
    ...
    <intercept-url
        pattern="/w/configuration/**"
        access="hasRole ('ROLE_ADMIN')"/>
    ...
    <form-login
        login-page="/w/welcome"
        authentication-success-handler-ref="authSuccessHandler"
        authentication-failure-handler-ref="authFailureHandler"/>
    <logout logout-success-url="/w/welcome"/>

    <!-- Add a custom filter to handle Social media logins -->
    <custom-filter before="PRE_AUTH_FILTER" ref="socialAuthFilter"/>
</security:http>

<security:authentication-manager
    id="authenticationManager"
    xmlns="http://www.springframework.org/schema/security">
    <!-- Social Media sites as authentication provider -->
    <authentication-provider ref="socialAuthProvider"/>
</security:authentication-manager>

<!--
   Define the framework required for using Social Media sites
   as Authentication Providers.
 -->
<bean id="connectionFactoryLocator"
    class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
    <property name="connectionFactories">
        <list>
            <bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
                <constructor-arg value="${social.facebook.appId}" />
                <constructor-arg value="${social.facebook.appSecret}" />                
            </bean>
        </list>
    </property>
</bean>
<bean id="socialUsersConxRepo"
    class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository">
    <constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialUserIdSource"
    class="org.springframework.social.security.AuthenticationNameUserIdSource"/>
<bean id="socialAuthFilter"
    class="org.springframework.social.security.SocialAuthenticationFilter">
    <constructor-arg ref="authenticationManager"/>
    <constructor-arg ref="socialUserIdSource"/>
    <constructor-arg ref="socialUsersConxRepo"/>
    <constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialAuthProvider"
    class="org.springframework.social.security.SocialAuthenticationProvider">
    <constructor-arg ref="socialUsersConxRepo"/>

    <!-- application defined @Service -->
    <constructor-arg ref="socialGamerManager"/>
</bean>


...
...

应用程序程序员需要编写自己的“SocialGameManager”bean，该bean必须实现

org.springframework.social.security.SocialUserDetailsService

。“socialUsersConxRepo”bean可以更改为使用JDBC实现

<security:http  
    disable-url-rewriting="true"
    use-expressions="true"
    xmlns="http://www.springframework.org/schema/security">
    ...
    <intercept-url
        pattern="/w/configuration/**"
        access="hasRole ('ROLE_ADMIN')"/>
    ...
    <form-login
        login-page="/w/welcome"
        authentication-success-handler-ref="authSuccessHandler"
        authentication-failure-handler-ref="authFailureHandler"/>
    <logout logout-success-url="/w/welcome"/>

    <!-- Add a custom filter to handle Social media logins -->
    <custom-filter before="PRE_AUTH_FILTER" ref="socialAuthFilter"/>
</security:http>

<security:authentication-manager
    id="authenticationManager"
    xmlns="http://www.springframework.org/schema/security">
    <!-- Social Media sites as authentication provider -->
    <authentication-provider ref="socialAuthProvider"/>
</security:authentication-manager>

<!--
   Define the framework required for using Social Media sites
   as Authentication Providers.
 -->
<bean id="connectionFactoryLocator"
    class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
    <property name="connectionFactories">
        <list>
            <bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
                <constructor-arg value="${social.facebook.appId}" />
                <constructor-arg value="${social.facebook.appSecret}" />                
            </bean>
        </list>
    </property>
</bean>
<bean id="socialUsersConxRepo"
    class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository">
    <constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialUserIdSource"
    class="org.springframework.social.security.AuthenticationNameUserIdSource"/>
<bean id="socialAuthFilter"
    class="org.springframework.social.security.SocialAuthenticationFilter">
    <constructor-arg ref="authenticationManager"/>
    <constructor-arg ref="socialUserIdSource"/>
    <constructor-arg ref="socialUsersConxRepo"/>
    <constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialAuthProvider"
    class="org.springframework.social.security.SocialAuthenticationProvider">
    <constructor-arg ref="socialUsersConxRepo"/>

    <!-- application defined @Service -->
    <constructor-arg ref="socialGamerManager"/>
</bean>