Spring Security 3以编程方式登录 [英] Spring Security 3 programmatically login
问题描述
我正在使用spring创建一个REST Web服务,我需要在其中实现登录/注销功能.函数的url应该类似于.../api/login和.../api/logout.用户名和密码将使用POST方法过期.
I'm creating a REST web service using spring and I need to implement login/logout functions in it. The url for the functions should be something like .../api/login and .../api/logout. The username and password will be past using a POST method.
我在REST Web服务下面有一个服务层.在服务层中,我具有登录"和注销"功能的代码.我想使用Spring Security在Spring上下文中保存登录用户.我找到了几个答案,但是没有一个完整的示例说明如何执行此操作.我还想知道使用spring安全性进行这种自定义身份验证的最新方式是什么(不使用任何登录表单,而仅以编程方式登录/注销).
I have a services layer below the REST web service. In the service layer i have the "login" and "logout" functions' code. I want to use spring security to save the logged in user in the context of spring. I found several answers but nothing gives a complete example of how to do it. I also wonder what's the state-of-the-art way of doing this custom authentication with spring security (without using any login form, just programmatic login/logout).
推荐答案
最好的方法是将身份验证实现插入Spring Security. 您可以通过在Spring Security中注册自己的身份验证提供程序"来实现.
The best way is to plugin your authentication implementation into Spring Security. You can do it by registering your own "authentication provider" into Spring Security.
例如:
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref local="myAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id="myAuthenticationProvider" class="org.my.web.restapi.authentication.MyAuthenticationProvider"/>
Another thing: I know it's a time consuming, but after reading Spring Security reference you will definitely get the "big picture" :-)
这篇关于Spring Security 3以编程方式登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
