Java 使用XML配置的Spring社交和Spring安全
我正在尝试将SpringSocial引入一个现有的web应用程序,该应用程序支持SpringSecurity。现有web应用程序使用XML配置,即:Java 使用XML配置的Spring社交和Spring安全,java,spring-social,Java,Spring Social,我正在尝试将SpringSocial引入一个现有的web应用程序,该应用程序支持SpringSecurity。现有web应用程序使用XML配置,即: <security:http disable-url-rewriting="true" use-expressions="true" xmlns="http://www.springframework.org/schema/security"> ... <intercept-url
<security:http
disable-url-rewriting="true"
use-expressions="true"
xmlns="http://www.springframework.org/schema/security">
...
<intercept-url
pattern="/w/configuration/**"
access="hasRole ('ROLE_ADMIN')"/>
...
<form-login
login-page="/w/welcome"
authentication-success-handler-ref="authSuccessHandler"
authentication-failure-handler-ref="authFailureHandler"/>
<logout logout-success-url="/w/welcome"/>
</security:http>
apply()方法的XML等价物是什么?花了一些时间查看SpringSocialConfigure的代码后,以下是它的XML等价物配置:
<security:http
disable-url-rewriting="true"
use-expressions="true"
xmlns="http://www.springframework.org/schema/security">
...
<intercept-url
pattern="/w/configuration/**"
access="hasRole ('ROLE_ADMIN')"/>
...
<form-login
login-page="/w/welcome"
authentication-success-handler-ref="authSuccessHandler"
authentication-failure-handler-ref="authFailureHandler"/>
<logout logout-success-url="/w/welcome"/>
<!-- Add a custom filter to handle Social media logins -->
<custom-filter before="PRE_AUTH_FILTER" ref="socialAuthFilter"/>
</security:http>
<security:authentication-manager
id="authenticationManager"
xmlns="http://www.springframework.org/schema/security">
<!-- Social Media sites as authentication provider -->
<authentication-provider ref="socialAuthProvider"/>
</security:authentication-manager>
<!--
Define the framework required for using Social Media sites
as Authentication Providers.
-->
<bean id="connectionFactoryLocator"
class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
<property name="connectionFactories">
<list>
<bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
<constructor-arg value="${social.facebook.appId}" />
<constructor-arg value="${social.facebook.appSecret}" />
</bean>
</list>
</property>
</bean>
<bean id="socialUsersConxRepo"
class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository">
<constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialUserIdSource"
class="org.springframework.social.security.AuthenticationNameUserIdSource"/>
<bean id="socialAuthFilter"
class="org.springframework.social.security.SocialAuthenticationFilter">
<constructor-arg ref="authenticationManager"/>
<constructor-arg ref="socialUserIdSource"/>
<constructor-arg ref="socialUsersConxRepo"/>
<constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialAuthProvider"
class="org.springframework.social.security.SocialAuthenticationProvider">
<constructor-arg ref="socialUsersConxRepo"/>
<!-- application defined @Service -->
<constructor-arg ref="socialGamerManager"/>
</bean>
...
...
应用程序程序员需要编写自己的“SocialGameManager”bean,该bean必须实现org.springframework.social.security.SocialUserDetailsService
。“socialUsersConxRepo”bean可以更改为使用JDBC实现
<security:http
disable-url-rewriting="true"
use-expressions="true"
xmlns="http://www.springframework.org/schema/security">
...
<intercept-url
pattern="/w/configuration/**"
access="hasRole ('ROLE_ADMIN')"/>
...
<form-login
login-page="/w/welcome"
authentication-success-handler-ref="authSuccessHandler"
authentication-failure-handler-ref="authFailureHandler"/>
<logout logout-success-url="/w/welcome"/>
<!-- Add a custom filter to handle Social media logins -->
<custom-filter before="PRE_AUTH_FILTER" ref="socialAuthFilter"/>
</security:http>
<security:authentication-manager
id="authenticationManager"
xmlns="http://www.springframework.org/schema/security">
<!-- Social Media sites as authentication provider -->
<authentication-provider ref="socialAuthProvider"/>
</security:authentication-manager>
<!--
Define the framework required for using Social Media sites
as Authentication Providers.
-->
<bean id="connectionFactoryLocator"
class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
<property name="connectionFactories">
<list>
<bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory">
<constructor-arg value="${social.facebook.appId}" />
<constructor-arg value="${social.facebook.appSecret}" />
</bean>
</list>
</property>
</bean>
<bean id="socialUsersConxRepo"
class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository">
<constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialUserIdSource"
class="org.springframework.social.security.AuthenticationNameUserIdSource"/>
<bean id="socialAuthFilter"
class="org.springframework.social.security.SocialAuthenticationFilter">
<constructor-arg ref="authenticationManager"/>
<constructor-arg ref="socialUserIdSource"/>
<constructor-arg ref="socialUsersConxRepo"/>
<constructor-arg ref="connectionFactoryLocator"/>
</bean>
<bean id="socialAuthProvider"
class="org.springframework.social.security.SocialAuthenticationProvider">
<constructor-arg ref="socialUsersConxRepo"/>
<!-- application defined @Service -->
<constructor-arg ref="socialGamerManager"/>
</bean>