Spring Security:分散在多个 JAR 中的安全配置


我想问一下,是否可以把安全配置分散在多个 JAR 中。例如,我有一个项目(myproj.war),它在一个 @Configuration 中定义了所有的安全规则;另外在单独的 jar(rest.jar)中还有一个用于 REST 的 @Configuration,这样使用者只需把它放到自己的类路径中,就能立即获得 /rest/* 支持。在我想为 REST 配置添加安全控制之前,这一切都工作正常。我在 rest.jar 中添加了一个带有 @EnableWebSecurity 的 @Configuration,但它没有生效!我在 DigestAuthenticationFilter 中设置了断点,请求从未经过它!!!不过我可以看到该 bean 在启动期间被创建了,只是过滤器本身从未被触发。

编辑:以下是我的 war 中的 Web 安全配置:

/**
 * Servlet-container bootstrap for the storefront web application.
 *
 * <p>Creates one annotation-based Spring context and programmatically registers the
 * listeners, the dispatcher servlet and the servlet filters.
 */
@Order(value = 0)
public class StorefrontWebConfig implements WebApplicationInitializer {

/**
 * Registers the Spring context, listeners, dispatcher servlet and filters.
 *
 * @param servletContext container context that receives the registrations
 * @throws ServletException declared by the initializer contract
 */
@Override
public void onStartup(final ServletContext servletContext) throws ServletException {

    final AnnotationConfigWebApplicationContext webCtx = new AnnotationConfigWebApplicationContext();
    // Only these two configuration classes are registered explicitly.
    // NOTE(review): a @Configuration (including one annotated @EnableWebSecurity) that lives
    // in another jar becomes part of this context only if it is registered here, pulled in
    // via @Import, or found by a component scan; none of those is visible in this method.
    webCtx.register(StorefrontSecurityConfig.class);
    webCtx.register(StorefrontMVCConfig.class);

    servletContext.addListener(new RequestContextListener());
    servletContext.addListener(new HttpSessionMutexListener());
    // The same context instance is given to ContextLoaderListener here and to the
    // DispatcherServlet below.
    servletContext.addListener(new ContextLoaderListener(webCtx));
    servletContext.addListener(new BroadcasterCreator());

    /* JAWR */
    .... jawr definitions ....

    /* Spring Delegating Dispatcher Servlet */
    final Servlet dispatcherServlet = new DispatcherServlet(webCtx);
    final ServletRegistration.Dynamic dispatcherServletReg = servletContext.addServlet("dispatcherServlet", dispatcherServlet);
    dispatcherServletReg.setLoadOnStartup(1);
    dispatcherServletReg.setInitParameter("contextConfigLocation", "");
    dispatcherServletReg.addMapping("/");

    // For the mappings below: null dispatcher types mean the container default (REQUEST);
    // 'false' means the mapping is not placed after the declared filter mappings.

    /* Character Encoding Filter */
    final FilterRegistration charEncodingfilterReg = servletContext.addFilter("characterEncodingFilter", CharacterEncodingFilter.class);
    charEncodingfilterReg.setInitParameter("encoding", "UTF-8");
    charEncodingfilterReg.setInitParameter("forceEncoding", "true");
    charEncodingfilterReg.addMappingForServletNames(null, false, dispatcherServletReg.getName());

    /* Resources Filter */
    final FilterRegistration resourcesFilterReg = servletContext.addFilter("resourceFilter", ResourceFilter.class);
    resourcesFilterReg.addMappingForUrlPatterns(null, false, "/resources/*");
    resourcesFilterReg.addMappingForUrlPatterns(null, false, "/webjars/*");

    /* Storefront Delegating Filter */
    // DelegatingFilterProxy hands each request to a Spring bean; with no target bean name
    // set, the filter name ("storefrontFilterChain") is used as the bean name. That bean is
    // not defined in the code shown here.
    final FilterRegistration storefrontFilterChainReg = servletContext.addFilter("storefrontFilterChain", DelegatingFilterProxy.class);
    storefrontFilterChainReg.addMappingForServletNames(null, false, dispatcherServletReg.getName());

    /* HiddenHttpMethodFilter Filter */
    final FilterRegistration hiddenHttpMethodFilterReg = servletContext.addFilter("hiddenHttpMethodFilter", HiddenHttpMethodFilter.class);
    hiddenHttpMethodFilterReg.addMappingForServletNames(null, false, dispatcherServletReg.getName());

    /* Spring Security Delegating Filter */
    // Delegates to the bean named "springSecurityFilterChain". The mapping is by servlet name
    // and covers REQUEST, ERROR and ASYNC dispatches only, so FORWARD and INCLUDE dispatches
    // do not pass through Spring Security.
    // NOTE(review): security rules contributed by another jar take effect only if they end
    // up inside that single bean; a filter bean that merely exists in the context is never
    // invoked by the container.
    final FilterRegistration springSecurityFilterChainReg = servletContext.addFilter("springSecurityFilterChain", DelegatingFilterProxy.class);
    springSecurityFilterChainReg.addMappingForServletNames(EnumSet.<DispatcherType>of(DispatcherType.REQUEST, DispatcherType.ERROR, DispatcherType.ASYNC), false, dispatcherServletReg.getName());
    }
}
    /**
     * Root Spring Security configuration for the storefront.
     *
     * <p>Declares two nested {@code WebSecurityConfigurerAdapter} configurations (order 1,
     * scoped to the checkout URLs; order 2, with no request matcher of its own) and the
     * beans they share: authentication manager, redirect strategy, request cache and
     * remember-me support.
     */
    @Configuration
@EnableWebSecurity
public class StorefrontSecurityConfig {

// Post-processor handed to the AuthenticationManagerBuilder in defaultAuthenticationManager().
@Autowired
private ObjectPostProcessor<Object> opp;

// Application context used for bean lookups by type in this class.
@Resource
public ApplicationContext context;

// @formatter:off

/**
 * Security filter chain for the checkout area; configure(HttpSecurity) restricts it with
 * antMatcher to the checkout URLs.
 */
@Order(1)
@Configuration
public static class CheckoutStorefrontSecurityConfig extends WebSecurityConfigurerAdapter {

    // Used to look up the logout success handler and the remember-me services.
    @Resource
    public ApplicationContext context;

    /**
     * Excludes static resources from Spring Security.
     *
     * @param web builder for the global web-security settings
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(final WebSecurity web) throws Exception {
        // ignoring(): no security filters run for these paths.
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Builds the checkout filter chain: anonymous principal, session handling, channel
     * security, form login, logout, remember-me, port mappings, access-denied page and
     * request cache.
     *
     * @param http builder for this chain
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http
            // NOTE(review): the chain continues on HttpSecurity right after disable(), so this
            // looks like the configurer-level disable(), which would drop every default
            // security header and not only X-Frame-Options. Confirm against the Spring
            // Security version in use; if framing is required, allow same-origin framing only.
            .headers().frameOptions().disable()
            // Scopes this whole chain to the checkout URLs.
            .antMatcher("/checkout/**")
            .anonymous().principal("anonymous").authorities("ROLE_ANONYMOUS").and()
            // NOTE(review): NullAuthenticatedSessionStrategy does nothing at login; presumably it
            // replaces the default session-fixation protection. Confirm the session id is
            // renewed when a user authenticates.
            .sessionManagement().sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy()).and()
            // No URL access rules are declared for this chain.
            // NOTE(review): apart from what formLogin().permitAll() contributes, nothing here
            // requires authentication at the URL level; verify that checkout is protected
            // elsewhere.
            .authorizeRequests().and()
            // Checkout URLs must be served over HTTPS.
            .requiresChannel()
                .antMatchers("/checkout*").requiresSecure()
                .antMatchers("/checkout/**").requiresSecure()
                .antMatchers("/checkout/j_spring_security_check").requiresSecure().and()
            .formLogin()
                .loginProcessingUrl("/checkout/j_spring_security_check").permitAll()
                .loginPage("/checkout/login")
                .failureHandler(defaultCheckoutAuthenticationFailureHandler())
                .successHandler(defaultLoginCheckoutGUIDAuthenticationSuccessHandler()).and()
            .logout()
                // NOTE(review): this URL lies outside the antMatcher above, so requests for it
                // never reach this chain.
                .logoutUrl("/j_spring_security_logout")
                .logoutSuccessHandler((SimpleUrlLogoutSuccessHandler) context.getBean(StoreFrontLogoutSuccessHandler.NAME)).and()
            .rememberMe().rememberMeServices(context.getBean(DefaultRememberMeServices.class)).and()
            // HTTP -> HTTPS port pairs used when redirecting between channels.
            .portMapper()
                .http(80).mapsTo(443)
                .http(8111).mapsTo(8112)
                .http(8080).mapsTo(8443).and()
            .exceptionHandling().accessDeniedHandler(defaultCheckoutAccessDeniedHandler()).and()
            .requestCache().requestCache(httpSessionRequestCache());
    }

    /**
     * Success handler for checkout login: a GUID handler wrapping the checkout success handler.
     *
     * @return the wrapping success handler
     */
    @Bean(name = {"defaultLoginCheckoutGUIDAuthenticationSuccessHandler", "loginCheckoutGUIDAuthenticationSuccessHandler"})
    protected AuthenticationSuccessHandler defaultLoginCheckoutGUIDAuthenticationSuccessHandler() {
        final GUIDAuthenticationSuccessHandler guidAuthenticationSuccessHandler = new GUIDAuthenticationSuccessHandler();
        guidAuthenticationSuccessHandler.setAuthenticationSuccessHandler(defaultLoginCheckoutAuthenticationSuccessHandler());

        return guidAuthenticationSuccessHandler;
    }

    /**
     * Success handler that targets /checkout, with the default target forced for both the
     * MOBILE and NORMAL experience levels.
     *
     * @return the configured success handler
     */
    @Bean(name = {"defaultLoginCheckoutAuthenticationSuccessHandler", "loginCheckoutAuthenticationSuccessHandler"})
    protected AuthenticationSuccessHandler defaultLoginCheckoutAuthenticationSuccessHandler() {
        final StoreFrontAuthenticationSuccessHandler storeFrontAuthenticationSuccessHandler = new StoreFrontAuthenticationSuccessHandler();
        storeFrontAuthenticationSuccessHandler.setDefaultTargetUrl("/checkout");

        final Map<UiExperienceLevel, Boolean> forceDefaultTargetForUiExperienceLevel = new HashMap<UiExperienceLevel, Boolean>();
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.MOBILE, Boolean.TRUE);
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.NORMAL, Boolean.TRUE);

        storeFrontAuthenticationSuccessHandler.setForceDefaultTargetForUiExperienceLevel(forceDefaultTargetForUiExperienceLevel);

        return storeFrontAuthenticationSuccessHandler;
    }

    /**
     * Failure handler that sends failed checkout logins back to the checkout login page.
     *
     * @return the configured failure handler
     */
    @Bean(name = {"defaultCheckoutAuthenticationFailureHandler", "checkoutAuthenticationFailureHandler"})
    protected AuthenticationFailureHandler defaultCheckoutAuthenticationFailureHandler() {
        final LoginAuthenticationFailureHandler loginAuthenticationFailureHandler = new LoginAuthenticationFailureHandler();
        loginAuthenticationFailureHandler.setDefaultFailureUrl("/checkout/login?failed=auth");

        return loginAuthenticationFailureHandler;
    }

    /**
     * Access-denied handler that uses /403 as its error page.
     *
     * @return the configured access-denied handler
     */
    @Bean(name = {"defaultCheckoutAccessDeniedHandler", "checkoutAccessDeniedHandler"})
    protected AccessDeniedHandler defaultCheckoutAccessDeniedHandler() {
        final AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
        accessDeniedHandler.setErrorPage("/403");

        return accessDeniedHandler;
    }
}

/**
 * Security filter chain for everything the checkout chain does not claim.
 *
 * <p>configure(HttpSecurity) sets no antMatcher, so this chain matches any request.
 * NOTE(review): a further adapter (for example one shipped in another jar for REST URLs)
 * would need an order value below 2, and must be part of the same application context,
 * for its filters to run; otherwise this chain handles those requests first.
 */
@Order(2)
@Configuration
public static class DefaultStorefrontSecurityConfig extends WebSecurityConfigurerAdapter {

    // Used to look up the logout success handler and the remember-me services.
    @Resource
    public ApplicationContext context;

    /**
     * Excludes static resources from Spring Security.
     *
     * @param web builder for the global web-security settings
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(final WebSecurity web) throws Exception {
        // ignoring(): no security filters run for these paths.
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Builds the default filter chain: anonymous principal, session handling, URL rules for
     * the account area, channel security, form login, logout, remember-me, port mappings,
     * access-denied page and request cache.
     *
     * @param http builder for this chain
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(final HttpSecurity http) throws Exception {

        http
            // NOTE(review): the chain continues on HttpSecurity right after disable(), so this
            // looks like the configurer-level disable(), which would drop every default
            // security header and not only X-Frame-Options. Confirm against the Spring
            // Security version in use; if framing is required, allow same-origin framing only.
            .headers().frameOptions().disable()
            .anonymous().principal("anonymous").authorities("ROLE_ANONYMOUS").and()
            // NOTE(review): NullAuthenticatedSessionStrategy does nothing at login; presumably it
            // replaces the default session-fixation protection. Confirm the session id is
            // renewed when a user authenticates.
            .sessionManagement().sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy()).and()
            // Only the account area has an access rule; there is no anyRequest() rule, so other
            // URLs are not restricted at the URL level by this chain.
            .authorizeRequests()
                .antMatchers("/my-account*").hasRole("CUSTOMERGROUP")
                .antMatchers("/my-account/**").hasRole("CUSTOMERGROUP").and()
            .requiresChannel()
                .antMatchers("/login").requiresSecure()
                .antMatchers("/login/**").requiresSecure()
                .antMatchers("/register/**").requiresSecure()
                .antMatchers("/signin/**").requiresSecure()
                .antMatchers("/j_spring_security_check").requiresSecure()
                .antMatchers("/logout").requiresSecure()
                // NOTE(review): every other URL, including the role-protected account area and the
                // logout URL configured below, is forced back to plain HTTP, so the cookie of an
                // authenticated session travels unencrypted. Prefer HTTPS for the whole site.
                .antMatchers("/**").requiresInsecure().and()
            .formLogin()
                .loginProcessingUrl("/j_spring_security_check").permitAll()
                .loginPage("/login").permitAll()
                .defaultSuccessUrl("/my-account", false)
                .failureHandler(defaultAuthenticationFailureHandler())
                .successHandler(defaultLoginGUIDAuthenticationSuccessHandler()).and()
            .logout()
                .logoutUrl("/j_spring_security_logout")
                .logoutSuccessHandler(context.getBean(StoreFrontLogoutSuccessHandler.class)).and()              .rememberMe().rememberMeServices(context.getBean(DefaultRememberMeServices.class)).and()
            // HTTP -> HTTPS port pairs used when redirecting between channels.
            .portMapper()
                .http(80).mapsTo(443)
                .http(8111).mapsTo(8112)
                .http(8080).mapsTo(8443).and()
            .exceptionHandling().accessDeniedHandler(defaultAccessDeniedHandler()).and()
            .requestCache().requestCache(httpSessionRequestCache());

    }

    /**
     * Success handler for login: a GUID handler wrapping the default success handler.
     *
     * @return the wrapping success handler
     */
    @Bean(name = {"defaultLoginGUIDAuthenticationSuccessHandler", "loginGUIDAuthenticationSuccessHandler"})
    protected AuthenticationSuccessHandler defaultLoginGUIDAuthenticationSuccessHandler() {
        final GUIDAuthenticationSuccessHandler guidAuthenticationSuccessHandler = new GUIDAuthenticationSuccessHandler();
        guidAuthenticationSuccessHandler.setAuthenticationSuccessHandler(defaultLoginAuthenticationSuccessHandler());

        return guidAuthenticationSuccessHandler;
    }

    /**
     * Success handler that targets /my-account, uses the request cache, and forces the
     * default target for the MOBILE experience level only.
     *
     * @return the configured success handler
     */
    @Bean(name = {"defaultLoginAuthenticationSuccessHandler", "loginAuthenticationSuccessHandler"})
    protected StoreFrontAuthenticationSuccessHandler defaultLoginAuthenticationSuccessHandler() {
        final StoreFrontAuthenticationSuccessHandler storeFrontAuthenticationSuccessHandler = new StoreFrontAuthenticationSuccessHandler();
        storeFrontAuthenticationSuccessHandler.setDefaultTargetUrl("/my-account");
        // NOTE(review): if this behaves like Spring's useReferer option, the post-login redirect
        // target is taken from the Referer request header; confirm it is limited to same-site
        // URLs.
        storeFrontAuthenticationSuccessHandler.setUseReferer(true);
        storeFrontAuthenticationSuccessHandler.setRequestCache(httpSessionRequestCache());

        final Map<UiExperienceLevel, Boolean> forceDefaultTargetForUiExperienceLevel = new HashMap<UiExperienceLevel, Boolean>();
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.MOBILE, Boolean.TRUE);
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.NORMAL, Boolean.FALSE);

        storeFrontAuthenticationSuccessHandler.setForceDefaultTargetForUiExperienceLevel(forceDefaultTargetForUiExperienceLevel);

        return storeFrontAuthenticationSuccessHandler;
    }

    /**
     * Failure handler that sends failed logins back to the login page.
     *
     * @return the configured failure handler
     */
    @Bean(name = {"defaultAuthenticationFailureHandler", "authenticationFailureHandler"})
    protected AuthenticationFailureHandler defaultAuthenticationFailureHandler() {
        final LoginAuthenticationFailureHandler loginAuthenticationFailureHandler = new LoginAuthenticationFailureHandler();
        loginAuthenticationFailureHandler.setDefaultFailureUrl("/login?failed=auth");

        return loginAuthenticationFailureHandler;
    }

    /**
     * Access-denied handler that uses /403 as its error page.
     *
     * @return the configured access-denied handler
     */
    @Bean(name = {"defaultAccessDeniedHandler", "accessDeniedHandler"})
    protected AccessDeniedHandler defaultAccessDeniedHandler() {
        final AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
        accessDeniedHandler.setErrorPage("/403");

        return accessDeniedHandler;
    }
}

/**
 * Builds the authentication manager from the platform user-details service.
 *
 * <p>NOTE(review): passwords are checked with Md5PasswordEncoder and no salt source is
 * configured here. MD5 is not suitable for password storage; moving to an adaptive hash
 * (bcrypt, scrypt, argon2) needs a re-hash-on-login migration, because stored hashes cannot
 * be converted in place.
 *
 * @return the built authentication manager
 * @throws Exception propagated from the builder
 */
@Bean(name = {"defaultAuthenticationManager", "authenticationManager"})
public AuthenticationManager defaultAuthenticationManager() throws Exception {
    return new AuthenticationManagerBuilder(opp).userDetailsService(context.getBean(PlatformUserDetailsService.class)).passwordEncoder(new Md5PasswordEncoder()).and().build();
}

// @formatter:on

/**
 * Provides the default redirect strategy bean.
 *
 * @return a new DefaultRedirectStrategy
 */
@Bean(name = { "defaultRedirectStrategy", "redirectStrategy" })
protected DefaultRedirectStrategy defaultRedirectStrategy() {
    return new DefaultRedirectStrategy();
}

/**
 * Provides the request cache used by the filter chains and the login success handler.
 *
 * <p>NOTE(review): this is a static factory method and the nested configurations call it
 * directly, so each such call presumably returns a fresh instance rather than the
 * container-managed bean; confirm that is acceptable.
 *
 * @return a new WebHttpSessionRequestCache
 */
@Bean(name = { "httpSessionRequestCache", "requestCache" })
protected static HttpSessionRequestCache httpSessionRequestCache() {
    return new WebHttpSessionRequestCache();
}

/* Remember-me services */

/**
 * Creates the remember-me filter from the authentication manager and the remember-me
 * services bean.
 *
 * @return the remember-me authentication filter
 * @throws Exception propagated from defaultAuthenticationManager()
 */
@Bean(name = { "defaultRememberMeAuthenticationFilter", "rememberMeAuthenticationFilter" })
protected RememberMeAuthenticationFilter defaultRememberMeAuthenticationFilter() throws Exception {
    return new RememberMeAuthenticationFilter(defaultAuthenticationManager(), context.getBean(DefaultRememberMeServices.class));
}

/**
 * Creates the remember-me authentication provider with the key "storefront".
 *
 * <p>NOTE(review): the key is a hard-coded literal. If DefaultRememberMeServices is
 * token-based, the same key takes part in signing remember-me cookies; supply it from
 * per-deployment secret configuration instead of source code.
 *
 * @return the remember-me authentication provider
 */
@Bean(name = { "defaultRememberMeAuthenticationProvider", "rememberMeAuthenticationProvider" })
protected RememberMeAuthenticationProvider defaultRememberMeAuthenticationProvider() {
    return new RememberMeAuthenticationProvider("storefront");
    }
}
@Order(值=0)
公共类StorefrontWebConfig实现WebApplicationInitializer{
@凌驾
启动时公共void(最终ServletContext ServletContext)引发ServletException{
最终注释ConfigWebApplicationContext WebTX=新注释ConfigWebApplicationContext();
webCtx.register(StorefrontSecurityConfig.class);
webCtx.register(StorefrontMVCConfig.class);
addListener(新的RequestContextListener());
addListener(新的HttpSessionMutexListener());
addListener(新的ContextLoaderListener(WebCx));
servletContext.addListener(新的广播创建者());
/*加尔*/
……jawr定义。。。。
/*Spring委托调度器Servlet*/
最终Servlet dispatcherServlet=新dispatcherServlet(webCtx);
最终ServletRegistration.Dynamic dispatcherServletReg=servletContext.addServlet(“dispatcherServlet”,dispatcherServlet);
Dispatchers Servletreg.setLoadOnStartup(1);
dispatcherServletReg.setInitParameter(“contextConfigLocation”,“”);
dispatcherServletReg.addMapping(“/”);
/*字符编码滤波器*/
final FilterRegistration charEncodingfilterReg=servletContext.addFilter(“characterEncodingFilter”,characterEncodingFilter.class);
charEncodingfilterReg.setInitParameter(“编码”、“UTF-8”);
charEncodingfilterReg.setInitParameter(“forceEncoding”、“true”);
charEncodingfilterReg.addMappingForServletNames(null,false,dispatcherServletReg.getName());
/*资源过滤器*/
最终过滤器注册resourcesFilterReg=servletContext.addFilter(“resourceFilter”,resourceFilter.class);
resourcesFilterReg.addMappingForUrlPatterns(null,false,“/resources/*”);
resourcesFilterReg.addMappingForUrlPatterns(null,false,“/webjars/*”);
/*店面授权筛选器*/
最终过滤器注册storefrontFilterChainReg=servletContext.addFilter(“storefrontFilterChain”,DelegatingFilterProxy.class);
storefrontFilterChainReg.addMappingForServletNames(null、false、dispatcherServletReg.getName());
/*HiddenHttpMethodFilter过滤器*/
最终过滤器注册hiddenHttpMethodFilterReg=servletContext.addFilter(“hiddenHttpMethodFilter”,hiddenHttpMethodFilter.class);
hiddenHttpMethodFilterReg.addMappingForServletNames(null、false、dispatcherServletReg.getName());
/*Spring安全授权过滤器*/
最终过滤器注册springSecurityFilterChainReg=servletContext.addFilter(“springSecurityFilterChain”,DelegatingFilterProxy.class);
springSecurityFilterChainReg.addMappingForServletNames(EnumSet.of(DispatcherType.REQUEST,DispatcherType.ERROR,DispatcherType.ASYNC),false,dispatcherServletReg.getName());
}
}
此外,安全配置:

/**
 * Servlet-container bootstrap for the storefront web application.
 *
 * <p>Creates one annotation-based Spring context and programmatically registers the
 * listeners, the dispatcher servlet and the servlet filters.
 */
@Order(value = 0)
public class StorefrontWebConfig implements WebApplicationInitializer {

/**
 * Registers the Spring context, listeners, dispatcher servlet and filters.
 *
 * @param servletContext container context that receives the registrations
 * @throws ServletException declared by the initializer contract
 */
@Override
public void onStartup(final ServletContext servletContext) throws ServletException {

    final AnnotationConfigWebApplicationContext webCtx = new AnnotationConfigWebApplicationContext();
    // Only these two configuration classes are registered explicitly.
    // NOTE(review): a @Configuration (including one annotated @EnableWebSecurity) that lives
    // in another jar becomes part of this context only if it is registered here, pulled in
    // via @Import, or found by a component scan; none of those is visible in this method.
    webCtx.register(StorefrontSecurityConfig.class);
    webCtx.register(StorefrontMVCConfig.class);

    servletContext.addListener(new RequestContextListener());
    servletContext.addListener(new HttpSessionMutexListener());
    // The same context instance is given to ContextLoaderListener here and to the
    // DispatcherServlet below.
    servletContext.addListener(new ContextLoaderListener(webCtx));
    servletContext.addListener(new BroadcasterCreator());

    /* JAWR */
    .... jawr definitions ....

    /* Spring Delegating Dispatcher Servlet */
    final Servlet dispatcherServlet = new DispatcherServlet(webCtx);
    final ServletRegistration.Dynamic dispatcherServletReg = servletContext.addServlet("dispatcherServlet", dispatcherServlet);
    dispatcherServletReg.setLoadOnStartup(1);
    dispatcherServletReg.setInitParameter("contextConfigLocation", "");
    dispatcherServletReg.addMapping("/");

    // For the mappings below: null dispatcher types mean the container default (REQUEST);
    // 'false' means the mapping is not placed after the declared filter mappings.

    /* Character Encoding Filter */
    final FilterRegistration charEncodingfilterReg = servletContext.addFilter("characterEncodingFilter", CharacterEncodingFilter.class);
    charEncodingfilterReg.setInitParameter("encoding", "UTF-8");
    charEncodingfilterReg.setInitParameter("forceEncoding", "true");
    charEncodingfilterReg.addMappingForServletNames(null, false, dispatcherServletReg.getName());

    /* Resources Filter */
    final FilterRegistration resourcesFilterReg = servletContext.addFilter("resourceFilter", ResourceFilter.class);
    resourcesFilterReg.addMappingForUrlPatterns(null, false, "/resources/*");
    resourcesFilterReg.addMappingForUrlPatterns(null, false, "/webjars/*");

    /* Storefront Delegating Filter */
    // DelegatingFilterProxy hands each request to a Spring bean; with no target bean name
    // set, the filter name ("storefrontFilterChain") is used as the bean name. That bean is
    // not defined in the code shown here.
    final FilterRegistration storefrontFilterChainReg = servletContext.addFilter("storefrontFilterChain", DelegatingFilterProxy.class);
    storefrontFilterChainReg.addMappingForServletNames(null, false, dispatcherServletReg.getName());

    /* HiddenHttpMethodFilter Filter */
    final FilterRegistration hiddenHttpMethodFilterReg = servletContext.addFilter("hiddenHttpMethodFilter", HiddenHttpMethodFilter.class);
    hiddenHttpMethodFilterReg.addMappingForServletNames(null, false, dispatcherServletReg.getName());

    /* Spring Security Delegating Filter */
    // Delegates to the bean named "springSecurityFilterChain". The mapping is by servlet name
    // and covers REQUEST, ERROR and ASYNC dispatches only, so FORWARD and INCLUDE dispatches
    // do not pass through Spring Security.
    // NOTE(review): security rules contributed by another jar take effect only if they end
    // up inside that single bean; a filter bean that merely exists in the context is never
    // invoked by the container.
    final FilterRegistration springSecurityFilterChainReg = servletContext.addFilter("springSecurityFilterChain", DelegatingFilterProxy.class);
    springSecurityFilterChainReg.addMappingForServletNames(EnumSet.<DispatcherType>of(DispatcherType.REQUEST, DispatcherType.ERROR, DispatcherType.ASYNC), false, dispatcherServletReg.getName());
    }
}
    /**
     * Root Spring Security configuration for the storefront.
     *
     * <p>Declares two nested {@code WebSecurityConfigurerAdapter} configurations (order 1,
     * scoped to the checkout URLs; order 2, with no request matcher of its own) and the
     * beans they share: authentication manager, redirect strategy, request cache and
     * remember-me support.
     */
    @Configuration
@EnableWebSecurity
public class StorefrontSecurityConfig {

// Post-processor handed to the AuthenticationManagerBuilder in defaultAuthenticationManager().
@Autowired
private ObjectPostProcessor<Object> opp;

// Application context used for bean lookups by type in this class.
@Resource
public ApplicationContext context;

// @formatter:off

/**
 * Security filter chain for the checkout area; configure(HttpSecurity) restricts it with
 * antMatcher to the checkout URLs.
 */
@Order(1)
@Configuration
public static class CheckoutStorefrontSecurityConfig extends WebSecurityConfigurerAdapter {

    // Used to look up the logout success handler and the remember-me services.
    @Resource
    public ApplicationContext context;

    /**
     * Excludes static resources from Spring Security.
     *
     * @param web builder for the global web-security settings
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(final WebSecurity web) throws Exception {
        // ignoring(): no security filters run for these paths.
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Builds the checkout filter chain: anonymous principal, session handling, channel
     * security, form login, logout, remember-me, port mappings, access-denied page and
     * request cache.
     *
     * @param http builder for this chain
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http
            // NOTE(review): the chain continues on HttpSecurity right after disable(), so this
            // looks like the configurer-level disable(), which would drop every default
            // security header and not only X-Frame-Options. Confirm against the Spring
            // Security version in use; if framing is required, allow same-origin framing only.
            .headers().frameOptions().disable()
            // Scopes this whole chain to the checkout URLs.
            .antMatcher("/checkout/**")
            .anonymous().principal("anonymous").authorities("ROLE_ANONYMOUS").and()
            // NOTE(review): NullAuthenticatedSessionStrategy does nothing at login; presumably it
            // replaces the default session-fixation protection. Confirm the session id is
            // renewed when a user authenticates.
            .sessionManagement().sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy()).and()
            // No URL access rules are declared for this chain.
            // NOTE(review): apart from what formLogin().permitAll() contributes, nothing here
            // requires authentication at the URL level; verify that checkout is protected
            // elsewhere.
            .authorizeRequests().and()
            // Checkout URLs must be served over HTTPS.
            .requiresChannel()
                .antMatchers("/checkout*").requiresSecure()
                .antMatchers("/checkout/**").requiresSecure()
                .antMatchers("/checkout/j_spring_security_check").requiresSecure().and()
            .formLogin()
                .loginProcessingUrl("/checkout/j_spring_security_check").permitAll()
                .loginPage("/checkout/login")
                .failureHandler(defaultCheckoutAuthenticationFailureHandler())
                .successHandler(defaultLoginCheckoutGUIDAuthenticationSuccessHandler()).and()
            .logout()
                // NOTE(review): this URL lies outside the antMatcher above, so requests for it
                // never reach this chain.
                .logoutUrl("/j_spring_security_logout")
                .logoutSuccessHandler((SimpleUrlLogoutSuccessHandler) context.getBean(StoreFrontLogoutSuccessHandler.NAME)).and()
            .rememberMe().rememberMeServices(context.getBean(DefaultRememberMeServices.class)).and()
            // HTTP -> HTTPS port pairs used when redirecting between channels.
            .portMapper()
                .http(80).mapsTo(443)
                .http(8111).mapsTo(8112)
                .http(8080).mapsTo(8443).and()
            .exceptionHandling().accessDeniedHandler(defaultCheckoutAccessDeniedHandler()).and()
            .requestCache().requestCache(httpSessionRequestCache());
    }

    /**
     * Success handler for checkout login: a GUID handler wrapping the checkout success handler.
     *
     * @return the wrapping success handler
     */
    @Bean(name = {"defaultLoginCheckoutGUIDAuthenticationSuccessHandler", "loginCheckoutGUIDAuthenticationSuccessHandler"})
    protected AuthenticationSuccessHandler defaultLoginCheckoutGUIDAuthenticationSuccessHandler() {
        final GUIDAuthenticationSuccessHandler guidAuthenticationSuccessHandler = new GUIDAuthenticationSuccessHandler();
        guidAuthenticationSuccessHandler.setAuthenticationSuccessHandler(defaultLoginCheckoutAuthenticationSuccessHandler());

        return guidAuthenticationSuccessHandler;
    }

    /**
     * Success handler that targets /checkout, with the default target forced for both the
     * MOBILE and NORMAL experience levels.
     *
     * @return the configured success handler
     */
    @Bean(name = {"defaultLoginCheckoutAuthenticationSuccessHandler", "loginCheckoutAuthenticationSuccessHandler"})
    protected AuthenticationSuccessHandler defaultLoginCheckoutAuthenticationSuccessHandler() {
        final StoreFrontAuthenticationSuccessHandler storeFrontAuthenticationSuccessHandler = new StoreFrontAuthenticationSuccessHandler();
        storeFrontAuthenticationSuccessHandler.setDefaultTargetUrl("/checkout");

        final Map<UiExperienceLevel, Boolean> forceDefaultTargetForUiExperienceLevel = new HashMap<UiExperienceLevel, Boolean>();
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.MOBILE, Boolean.TRUE);
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.NORMAL, Boolean.TRUE);

        storeFrontAuthenticationSuccessHandler.setForceDefaultTargetForUiExperienceLevel(forceDefaultTargetForUiExperienceLevel);

        return storeFrontAuthenticationSuccessHandler;
    }

    /**
     * Failure handler that sends failed checkout logins back to the checkout login page.
     *
     * @return the configured failure handler
     */
    @Bean(name = {"defaultCheckoutAuthenticationFailureHandler", "checkoutAuthenticationFailureHandler"})
    protected AuthenticationFailureHandler defaultCheckoutAuthenticationFailureHandler() {
        final LoginAuthenticationFailureHandler loginAuthenticationFailureHandler = new LoginAuthenticationFailureHandler();
        loginAuthenticationFailureHandler.setDefaultFailureUrl("/checkout/login?failed=auth");

        return loginAuthenticationFailureHandler;
    }

    /**
     * Access-denied handler that uses /403 as its error page.
     *
     * @return the configured access-denied handler
     */
    @Bean(name = {"defaultCheckoutAccessDeniedHandler", "checkoutAccessDeniedHandler"})
    protected AccessDeniedHandler defaultCheckoutAccessDeniedHandler() {
        final AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
        accessDeniedHandler.setErrorPage("/403");

        return accessDeniedHandler;
    }
}

/**
 * Security filter chain for everything the checkout chain does not claim.
 *
 * <p>configure(HttpSecurity) sets no antMatcher, so this chain matches any request.
 * NOTE(review): a further adapter (for example one shipped in another jar for REST URLs)
 * would need an order value below 2, and must be part of the same application context,
 * for its filters to run; otherwise this chain handles those requests first.
 */
@Order(2)
@Configuration
public static class DefaultStorefrontSecurityConfig extends WebSecurityConfigurerAdapter {

    // Used to look up the logout success handler and the remember-me services.
    @Resource
    public ApplicationContext context;

    /**
     * Excludes static resources from Spring Security.
     *
     * @param web builder for the global web-security settings
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(final WebSecurity web) throws Exception {
        // ignoring(): no security filters run for these paths.
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Builds the default filter chain: anonymous principal, session handling, URL rules for
     * the account area, channel security, form login, logout, remember-me, port mappings,
     * access-denied page and request cache.
     *
     * @param http builder for this chain
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(final HttpSecurity http) throws Exception {

        http
            // NOTE(review): the chain continues on HttpSecurity right after disable(), so this
            // looks like the configurer-level disable(), which would drop every default
            // security header and not only X-Frame-Options. Confirm against the Spring
            // Security version in use; if framing is required, allow same-origin framing only.
            .headers().frameOptions().disable()
            .anonymous().principal("anonymous").authorities("ROLE_ANONYMOUS").and()
            // NOTE(review): NullAuthenticatedSessionStrategy does nothing at login; presumably it
            // replaces the default session-fixation protection. Confirm the session id is
            // renewed when a user authenticates.
            .sessionManagement().sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy()).and()
            // Only the account area has an access rule; there is no anyRequest() rule, so other
            // URLs are not restricted at the URL level by this chain.
            .authorizeRequests()
                .antMatchers("/my-account*").hasRole("CUSTOMERGROUP")
                .antMatchers("/my-account/**").hasRole("CUSTOMERGROUP").and()
            .requiresChannel()
                .antMatchers("/login").requiresSecure()
                .antMatchers("/login/**").requiresSecure()
                .antMatchers("/register/**").requiresSecure()
                .antMatchers("/signin/**").requiresSecure()
                .antMatchers("/j_spring_security_check").requiresSecure()
                .antMatchers("/logout").requiresSecure()
                // NOTE(review): every other URL, including the role-protected account area and the
                // logout URL configured below, is forced back to plain HTTP, so the cookie of an
                // authenticated session travels unencrypted. Prefer HTTPS for the whole site.
                .antMatchers("/**").requiresInsecure().and()
            .formLogin()
                .loginProcessingUrl("/j_spring_security_check").permitAll()
                .loginPage("/login").permitAll()
                .defaultSuccessUrl("/my-account", false)
                .failureHandler(defaultAuthenticationFailureHandler())
                .successHandler(defaultLoginGUIDAuthenticationSuccessHandler()).and()
            .logout()
                .logoutUrl("/j_spring_security_logout")
                .logoutSuccessHandler(context.getBean(StoreFrontLogoutSuccessHandler.class)).and()              .rememberMe().rememberMeServices(context.getBean(DefaultRememberMeServices.class)).and()
            // HTTP -> HTTPS port pairs used when redirecting between channels.
            .portMapper()
                .http(80).mapsTo(443)
                .http(8111).mapsTo(8112)
                .http(8080).mapsTo(8443).and()
            .exceptionHandling().accessDeniedHandler(defaultAccessDeniedHandler()).and()
            .requestCache().requestCache(httpSessionRequestCache());

    }

    /**
     * Success handler for login: a GUID handler wrapping the default success handler.
     *
     * @return the wrapping success handler
     */
    @Bean(name = {"defaultLoginGUIDAuthenticationSuccessHandler", "loginGUIDAuthenticationSuccessHandler"})
    protected AuthenticationSuccessHandler defaultLoginGUIDAuthenticationSuccessHandler() {
        final GUIDAuthenticationSuccessHandler guidAuthenticationSuccessHandler = new GUIDAuthenticationSuccessHandler();
        guidAuthenticationSuccessHandler.setAuthenticationSuccessHandler(defaultLoginAuthenticationSuccessHandler());

        return guidAuthenticationSuccessHandler;
    }

    /**
     * Success handler that targets /my-account, uses the request cache, and forces the
     * default target for the MOBILE experience level only.
     *
     * @return the configured success handler
     */
    @Bean(name = {"defaultLoginAuthenticationSuccessHandler", "loginAuthenticationSuccessHandler"})
    protected StoreFrontAuthenticationSuccessHandler defaultLoginAuthenticationSuccessHandler() {
        final StoreFrontAuthenticationSuccessHandler storeFrontAuthenticationSuccessHandler = new StoreFrontAuthenticationSuccessHandler();
        storeFrontAuthenticationSuccessHandler.setDefaultTargetUrl("/my-account");
        // NOTE(review): if this behaves like Spring's useReferer option, the post-login redirect
        // target is taken from the Referer request header; confirm it is limited to same-site
        // URLs.
        storeFrontAuthenticationSuccessHandler.setUseReferer(true);
        storeFrontAuthenticationSuccessHandler.setRequestCache(httpSessionRequestCache());

        final Map<UiExperienceLevel, Boolean> forceDefaultTargetForUiExperienceLevel = new HashMap<UiExperienceLevel, Boolean>();
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.MOBILE, Boolean.TRUE);
        forceDefaultTargetForUiExperienceLevel.put(UiExperienceLevel.NORMAL, Boolean.FALSE);

        storeFrontAuthenticationSuccessHandler.setForceDefaultTargetForUiExperienceLevel(forceDefaultTargetForUiExperienceLevel);

        return storeFrontAuthenticationSuccessHandler;
    }

    /**
     * Failure handler that sends failed logins back to the login page.
     *
     * @return the configured failure handler
     */
    @Bean(name = {"defaultAuthenticationFailureHandler", "authenticationFailureHandler"})
    protected AuthenticationFailureHandler defaultAuthenticationFailureHandler() {
        final LoginAuthenticationFailureHandler loginAuthenticationFailureHandler = new LoginAuthenticationFailureHandler();
        loginAuthenticationFailureHandler.setDefaultFailureUrl("/login?failed=auth");

        return loginAuthenticationFailureHandler;
    }

    /**
     * Access-denied handler that uses /403 as its error page.
     *
     * @return the configured access-denied handler
     */
    @Bean(name = {"defaultAccessDeniedHandler", "accessDeniedHandler"})
    protected AccessDeniedHandler defaultAccessDeniedHandler() {
        final AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
        accessDeniedHandler.setErrorPage("/403");

        return accessDeniedHandler;
    }
}

/**
 * Builds the authentication manager from the platform user-details service.
 *
 * <p>NOTE(review): passwords are checked with Md5PasswordEncoder and no salt source is
 * configured here. MD5 is not suitable for password storage; moving to an adaptive hash
 * (bcrypt, scrypt, argon2) needs a re-hash-on-login migration, because stored hashes cannot
 * be converted in place.
 *
 * @return the built authentication manager
 * @throws Exception propagated from the builder
 */
@Bean(name = {"defaultAuthenticationManager", "authenticationManager"})
public AuthenticationManager defaultAuthenticationManager() throws Exception {
    return new AuthenticationManagerBuilder(opp).userDetailsService(context.getBean(PlatformUserDetailsService.class)).passwordEncoder(new Md5PasswordEncoder()).and().build();
}

// @formatter:on

/**
 * Provides the default redirect strategy bean.
 *
 * @return a new DefaultRedirectStrategy
 */
@Bean(name = { "defaultRedirectStrategy", "redirectStrategy" })
protected DefaultRedirectStrategy defaultRedirectStrategy() {
    return new DefaultRedirectStrategy();
}

/**
 * Provides the request cache used by the filter chains and the login success handler.
 *
 * <p>NOTE(review): this is a static factory method and the nested configurations call it
 * directly, so each such call presumably returns a fresh instance rather than the
 * container-managed bean; confirm that is acceptable.
 *
 * @return a new WebHttpSessionRequestCache
 */
@Bean(name = { "httpSessionRequestCache", "requestCache" })
protected static HttpSessionRequestCache httpSessionRequestCache() {
    return new WebHttpSessionRequestCache();
}

/* Remember-me services */

/**
 * Creates the remember-me filter from the authentication manager and the remember-me
 * services bean.
 *
 * @return the remember-me authentication filter
 * @throws Exception propagated from defaultAuthenticationManager()
 */
@Bean(name = { "defaultRememberMeAuthenticationFilter", "rememberMeAuthenticationFilter" })
protected RememberMeAuthenticationFilter defaultRememberMeAuthenticationFilter() throws Exception {
    return new RememberMeAuthenticationFilter(defaultAuthenticationManager(), context.getBean(DefaultRememberMeServices.class));
}

/**
 * Creates the remember-me authentication provider with the key "storefront".
 *
 * <p>NOTE(review): the key is a hard-coded literal. If DefaultRememberMeServices is
 * token-based, the same key takes part in signing remember-me cookies; supply it from
 * per-deployment secret configuration instead of source code.
 *
 * @return the remember-me authentication provider
 */
@Bean(name = { "defaultRememberMeAuthenticationProvider", "rememberMeAuthenticationProvider" })
protected RememberMeAuthenticationProvider defaultRememberMeAuthenticationProvider() {
    return new RememberMeAuthenticationProvider("storefront");
    }
}
@配置
@启用Web安全性
公共类StorefrontSecurityConfig{
@自动连线
私有对象后处理器opp;
@资源
公共应用语境;
//@formatter:off
@订单(1)
@配置
公共静态类CheckoutStorefrontSecurityConfig扩展了WebSecurity配置适配器{
@资源
公共应用语境;
@凌驾
public void configure(最终web安全性web)引发异常{
忽略().antMatchers(“/resources/**”);
}
@凌驾
受保护的void configure(最终HttpSecurity http)引发异常{
http
.headers().frameOptions().disable()
.antMatcher(“/checkout/**”)
.anonymous().principal(“anonymous”).Authority(“ROLE_anonymous”)。和()
.sessionManagement().sessionAuthenticationStrategy(新的NullAuthenticatedSessionStrategy())和()
.authorizedRequests()和()
.requireChannel()
.antMatchers(“/checkout*”).requiresSecure()
.antMatchers(“/checkout/**”).requiresSecure()
.antMatchers(“/checkout/j_spring_security_check”).requirescure()和()
.formLogin()
.loginProcessingUrl(“/checkout/j_spring_security_check”).permitAll()
.loginPage(“/checkout/login”)
.failureHandler(defaultCheckoutAuthenticationFailureHandler())
.successHandler(defaultLoginCheckoutGUIDAuthenticationSuccessHandler())和()
.logout()
.logoutUrl(“/j\u spring\u security\u logout”)
.logoutSuccessHandler((SimpleRullogoutSuccessHandler)context.getBean(StoreFrontLogoutSuccessHandler.NAME))。和()
.rememberMe().rememberMeServices(context.getBean(DefaultRememberMeServices.class))和()
.portMapper()
.http(80).mapsTo(443)
.http(8111).mapsTo(8112)
.http(8080).mapsTo(8443).and()
.exceptionHandling().accessDeniedHandler(defaultCheckoutAccessDeniedHandler())和()
.requestCache().requestCache(httpSessionRequestCache());
}
@Bean(名称={“defaultLoginCheckoutGUIDAuthenticationSuccessHandler”,“loginCheckoutGUIDAuthenticationSuccessHandler”})
受保护的AuthenticationSuccessHandler defaultLoginCheckoutGUIDAuthenticationSuccessHandler(){
最终GUIDAuthenticationSuccessH