Fatal编程技术网
  • spring/
  • Spring安全性与OpenIDAuthenticationFilter问题

Spring安全性与OpenIDAuthenticationFilter问题

spring spring-mvc spring-security

Spring安全性与OpenIDAuthenticationFilter问题,spring,spring-mvc,spring-security,Spring,Spring Mvc,Spring Security,我有一些困难使OpenIDAuthenticationFilter工作,我希望有人能帮助我 我的spring-security.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://ww

我有一些困难使OpenIDAuthenticationFilter工作,我希望有人能帮助我

我的spring-security.xml

<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <security:http pattern="/myapp/auth/login" security="none"/> <security:http entry-point-ref="entryPoint"> <security:intercept-url pattern="/myapp/main/*" access="ROLE_USER"/> <security:logout/> <security:custom-filter position="OPENID_FILTER" ref="openIdAuthFilter"/> </security:http> <bean id="openIdAuthFilter" class="org.springframework.security.openid.OpenIDAuthenticationFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationFailureHandler"> <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <property name="defaultFailureUrl" value="/myapp/auth/login?login_error=true"/> </bean> </property> <property name="consumer"> <bean class="org.springframework.security.openid.OpenID4JavaConsumer"> <constructor-arg index="0"> <bean class="org.openid4java.consumer.ConsumerManager"/> </constructor-arg> <constructor-arg index="1"> <list value-type="org.springframework.security.openid.OpenIDAttribute"> <bean class="org.springframework.security.openid.OpenIDAttribute"> <constructor-arg index="0" value="email"/> <constructor-arg index="1" value="http://schema.openid.net/contact/email"/> </bean> <bean class="org.springframework.security.openid.OpenIDAttribute"> <constructor-arg index="0" value="firstName"/> <constructor-arg index="1" value="http://axschema.org/namePerson/first" /> </bean> <bean class="org.springframework.security.openid.OpenIDAttribute"> <constructor-arg index="0" value="lastName"/> <constructor-arg index="1" value="http://axschema.org/namePerson/last" /> </bean> </list> </constructor-arg> </bean> </property> </bean> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="openIdAuthProvider"/> </security:authentication-manager> <bean id="openIdAuthProvider" class="org.springframework.security.openid.OpenIDAuthenticationProvider"> <property name="authenticationUserDetailsService" ref="registeringUserService"/> </bean> <!-- A custom UserDetailsService which will allow any user to authenticate and "register" their IDs in an internal map for use if they return to the site. This is the most common usage pattern for sites which use OpenID. --> <bean id="registeringUserService" class="org.myapp.openid.service.CustomUserDetailsService" /> <bean id="entryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> <property name="loginFormUrl" value="/myapp/auth/login"/> </bean> </beans> org.myapp.openid.service.CustomUserDetailsService.java

public class CustomUserDetailsService implements UserDetailsService, AuthenticationUserDetailsService { private final Map registeredUsers = new HashMap(); private static final List DEFAULT_AUTHORITIES = AuthorityUtils.createAuthorityList("ROLE_USER"); public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException { UserDetails user = registeredUsers.get(id); if (user == null) { throw new UsernameNotFoundException(id); } return user; } /** * Implementation of {@code AuthenticationUserDetailsService} which allows full access to the submitted * {@code Authentication} object. Used by the OpenIDAuthenticationProvider. */ public UserDetails loadUserDetails(OpenIDAuthenticationToken token) { String id = token.getIdentityUrl(); CustomUserDetails user = registeredUsers.get(id); if (user != null) { return user; } String email = null; String firstName = null; String lastName = null; String fullName = null; List attributes = token.getAttributes(); for (OpenIDAttribute attribute : attributes) { if (attribute.getName().equals("email")) { email = attribute.getValues().get(0); } if (attribute.getName().equals("firstname")) { firstName = attribute.getValues().get(0); } if (attribute.getName().equals("lastname")) { lastName = attribute.getValues().get(0); } if (attribute.getName().equals("fullname")) { fullName = attribute.getValues().get(0); } } if (fullName == null) { StringBuilder fullNameBldr = new StringBuilder(); if (firstName != null) { fullNameBldr.append(firstName); } if (lastName != null) { fullNameBldr.append(" ").append(lastName); } fullName = fullNameBldr.toString(); } .... } } 公共类CustomUserDetailsService实现UserDetailsService、AuthenticationUserDetailsService{ 私有最终映射寄存器=new HashMap(); 私有静态最终列表默认权限=AuthorityUtils.createAuthorityList(“角色用户”); public UserDetails loadUserByUsername(字符串id)引发UsernameNotFoundException{ UserDetails user=registeredUsers.get(id); if(user==null){ 抛出新用户名NotFoundException(id); } 返回用户; } /** *{@code AuthenticationUserDetailsService}的实现,它允许对提交的 *{@code Authentication}对象。由OpenIDAuthenticationProvider使用。 */ public UserDetails loadUserDetails(OpenIDAuthenticationToken令牌){ String id=token.getIdentityUrl(); CustomUserDetails user=registeredUsers.get(id); 如果(用户!=null){ 返回用户; } 字符串email=null; 字符串firstName=null; 字符串lastName=null; 字符串fullName=null; List attributes=token.getAttributes(); for(OpenIDAttribute属性:属性){ if(attribute.getName().equals(“电子邮件”)){ email=attribute.getValues().get(0); } if(attribute.getName().equals(“firstname”)){ firstName=attribute.getValues().get(0); } if(attribute.getName().equals(“lastname”)){ lastName=attribute.getValues().get(0); } if(attribute.getName().equals(“fullname”)){ fullName=attribute.getValues().get(0); } } if(fullName==null){ StringBuilder fullNameBldr=新建StringBuilder(); if(firstName!=null){ fullNameBldr.append(firstName); } if(lastName!=null){ fullNameBldr.append(“”).append(lastName); } fullName=fullNameBldr.toString(); } .... } } 在调试方法loadUserByUsername()时,返回了一个Url,但OpenIDAttributes为null(email、firstname和lastname)

我想我必须将spring-security.xml配置错误,请帮助。谢谢

只需创建所需的属性即可:

`<beans:bean class="org.springframework.security.openid.OpenIDAttribute">
                    <beans:constructor-arg index="0" value="email" />
                    <beans:constructor-arg index="1" value="http://schema.openid.net/contact/email" />
                    <beans:property name="required" value="true"/>
</beans:bean>`

`
`