Spring security 玉兰CMS带花+;春季安全
我对magnolia blossom用户提出了关于春季安全的问题 我试图遵循所有的指南提供的玉兰cms网页,但没有一个适合我。我已经按照描述的方式配置了web.xml和spring安全上下文,以及我自己从数据库检索用户的配置。我可以使用jetty(eclipse)启动应用程序,而不会出现任何关于beans etx的错误,但当登录页面出现时,我无法实现这种情况。 在开发人员magnolia jetty实例上运行时,我被要求使用magnolia页面登录,成功登录后,没有spring安全性迫使我再次登录。这是示例urlSpring security 玉兰CMS带花+;春季安全,spring-security,magnolia,Spring Security,Magnolia,我对magnolia blossom用户提出了关于春季安全的问题 我试图遵循所有的指南提供的玉兰cms网页,但没有一个适合我。我已经按照描述的方式配置了web.xml和spring安全上下文,以及我自己从数据库检索用户的配置。我可以使用jetty(eclipse)启动应用程序,而不会出现任何关于beans etx的错误,但当登录页面出现时,我无法实现这种情况。 在开发人员magnolia jetty实例上运行时,我被要求使用magnolia页面登录,成功登录后,没有spring安全性迫使我再次登
http://localhost:9999/magnolia-blossom-sample-webapp/home/tours/statues-tour.html
在tomcat上部署到公共magnolia实例时,我没有被要求登录到magnolia,但我得到的页面没有使用spring security的登录页面
http://localhost:8080/magnoliaPublic/home/tours.html
问题是我可能会错过什么,我无法获得授权页面以使用spring security登录
这是我的配置
Magnolia public/author web.xml(因为web.xml不在my blossom模块中)
向Magnolia的过滤器链中的最后一个过滤器致意-
RenderingFilter
在过滤器链中充当终止符。如果它发现要从Magnolia(或通过Blossom)渲染的内容,它将不会继续处理过滤器链,因此您的其他过滤器(spring security)将不会执行。您需要确保在Magnolia筛选器链之前或Magnolia筛选器链内部执行筛选器。要实现后者,请在Magnolia的AdminCentral中的config:/server/filters
下定义过滤器。。。在ContextFilter
之后和CacheFilter
之前的任何位置都可以。使用其他过滤器作为示例,说明如何配置您的过滤器或查看或
嗯,
一月
<filter>
<display-name>Magnolia global filters</display-name>
<filter-name>magnoliaFilterChain</filter-name>
<filter-class>info.magnolia.cms.filters.MgnlMainFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>magnoliaFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>info.magnolia.module.blossom.web.InstallationAwareDelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/home/*</url-pattern> // /* doesn't work neither
</filter-mapping>
<listener>
<listener-class>info.magnolia.init.MagnoliaServletContextListener</listener-class>
</listener>
<context-param>
<description>Vaadin production mode</description>
<param-name>productionMode</param-name>
<param-value>true</param-value>
</context-param>
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"
default-autowire="byType">
<beans:bean id="authSuccessHandler" class="security.auth.AuthenticationSuccessHandler">
<beans:property name="userLogic" ref="userLogic"/>
</beans:bean>
<beans:bean id="authFailureHandler" class="security.auth.AuthenticationFailureHandler">
</beans:bean>
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/**" access="isAuthenticated()" />
<intercept-url pattern="/*" access="hasRole('adminMLM')" />
<form-login login-page="/login"
authentication-success-handler-ref="authSuccessHandler"
authentication-failure-handler-ref="authFailureHandler"
default-target-url="/"
/>
<logout />
</http>
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="userLogic"/>
<beans:property name="passwordEncoder" ref="userLogic"/>
<beans:property name="saltSource" ref="userLogic"/>
</beans:bean>
<authentication-manager>
<authentication-provider ref="daoAuthenticationProvider" />
</authentication-manager>
</beans:beans>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:blossom="http://www.magnolia-cms.com/schema/blossom"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.magnolia-cms.com/schema/blossom
http://www.magnolia-cms.com/schema/blossom.xsd ">
<bean class="info.magnolia.blossom.sample.module.service.SalesApplicationWebServiceImpl" />
<bean id="springSecurityFilterChain" class="org.springframework.web.filter.DelegatingFilterProxy"/>
</beans>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<context:annotation-config/>
<context:component-scan base-package="logic.impl" />
<context:component-scan base-package="info.magnolia.blossom.sample.module" use-default-filters="false">
<context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.Template"/>
<context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.Area"/>
<context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.DialogFactory"/>
<context:include-filter type="annotation" expression="info.magnolia.module.blossom.annotation.VirtualURIMapper"/>
<context:include-filter type="assignable" expression="info.magnolia.cms.beans.config.VirtualURIMapping"/>
</context:component-scan>
<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
<property name="customArgumentResolvers">
<list>
<bean class="info.magnolia.module.blossom.web.BlossomHandlerMethodArgumentResolver" />
</list>
</property>
<!-- For @Valid - JSR-303 Bean Validation API -->
<property name="webBindingInitializer">
<bean class="org.springframework.web.bind.support.ConfigurableWebBindingInitializer">
<property name="validator">
<bean class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean" />
</property>
</bean>
</property>
</bean>
<bean class="info.magnolia.module.blossom.preexecution.BlossomHandlerMapping">
<property name="targetHandlerMappings">
<list>
<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
<property name="useSuffixPatternMatch" value="false" />
</bean>
<bean class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping" />
</list>
</property>
</bean>
<bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter" />
<bean class="info.magnolia.module.blossom.view.UuidRedirectViewResolver">
<property name="order" value="1" />
</bean>
<!-- JSP - renders all views that end with .jsp -->
<bean class="info.magnolia.module.blossom.view.TemplateViewResolver">
<property name="order" value="2"/>
<property name="prefix" value="/templates/blossomSampleModule/"/>
<property name="viewNames" value="*.jsp"/>
<property name="viewRenderer">
<bean class="info.magnolia.module.blossom.view.JspTemplateViewRenderer">
<property name="contextAttributes">
<map>
<entry key="damfn">
<bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
<property name="name" value="damfn"/>
<property name="componentClass" value="info.magnolia.dam.asset.functions.DamTemplatingFunctions"/>
</bean>
</entry>
</map>
</property>
</bean>
</property>
</bean>
<!-- Freemarker - renders all views that end with .ftl -->
<bean class="info.magnolia.module.blossom.view.TemplateViewResolver">
<property name="order" value="3"/>
<property name="prefix" value="/blossomSampleModule/"/>
<property name="viewNames" value="*.ftl"/>
<property name="viewRenderer">
<bean class="info.magnolia.module.blossom.view.FreemarkerTemplateViewRenderer">
<property name="contextAttributes">
<map>
<entry key="cms">
<bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
<property name="name" value="cms"/>
<property name="componentClass" value="info.magnolia.templating.freemarker.Directives"/>
</bean>
</entry>
<entry key="cmsfn">
<bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
<property name="name" value="cmsfn"/>
<property name="componentClass" value="info.magnolia.templating.functions.TemplatingFunctions"/>
</bean>
</entry>
<entry key="damfn">
<bean class="info.magnolia.rendering.renderer.ContextAttributeConfiguration">
<property name="name" value="damfn"/>
<property name="componentClass" value="info.magnolia.dam.asset.functions.DamTemplatingFunctions"/>
</bean>
</entry>
</map>
</property>
</bean>
</property>
</bean>
</beans>
public class BlossomSampleModule extends BlossomModuleSupport implements ModuleLifecycle {
public void start(ModuleLifecycleContext moduleLifecycleContext) {
if (moduleLifecycleContext.getPhase() == ModuleLifecycleContext.PHASE_SYSTEM_STARTUP) {
super.initRootWebApplicationContext("classpath:/applicationContext.xml");
super.initBlossomDispatcherServlet("blossom", "classpath:/blossom-servlet.xml, classpath:/applicationContext-security.xml");
}
}
public void stop(ModuleLifecycleContext moduleLifecycleContext) {
if (moduleLifecycleContext.getPhase() == ModuleLifecycleContext.PHASE_SYSTEM_SHUTDOWN) {
super.destroyDispatcherServlets();
super.closeRootWebApplicationContext();
}
}
}