spring-security java config:如何配置多个AuthenticationManager实例 [英] spring-security java config: How to configure Multiple AuthenticationManager instances
问题描述
我使用:
- 弹簧靴:1.1.7
- spring-security:4.0.0.M2
- spring-fmk:4.1.1.发布
所有内容都使用Java Config(包括spring-security)进行了配置
Everything is configured with Java Config (including spring-security)
我正在处理一个Web服务器项目,其中的身份验证:基本base64Gibberish标头用于验证用户.
I'm working on a web server project where Authentication: Basic base64Gibberish header are used to authenticate users.
问题在于,根据URI的不同,AuthenticationManager
是不同的(因为我需要2个不同的UserDetailsService
.
The problem is that depending on the URI the AuthenticationManager
is different (because I need 2 different UserDetailsService
.
- /URI1/** => authManager1
- /URI2/** => authManager2
我尝试了WebSecurityConfigurerAdapter
的多个扩展,
I've tried multiple extensions of WebSecurityConfigurerAdapter
with
@Override
@Bean( name = "authManager1" )
public AuthenticationManager authenticationManagerBean() throws Exception
@Override
@Bean( name = "authManager2" )
public AuthenticationManager authenticationManagerBean() throws Exception
无济于事
我总是得到:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain'
defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Instantiation of bean failed;
nested exception is org.springframework.beans.factory.BeanDefinitionStoreException:
Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception]
threw exception; nested exception is java.lang.IllegalArgumentException:
Expecting to only find a single bean for type interface org.springframework.security.authentication.AuthenticationManager,
but found [authManager1, authManager2]
由于我有多个安全过滤器链,我如何讲" spring-security在不同的安全过滤器链中注入不同的AuthenticationManager?
Since I have multiple security filter chains how can I "tell" spring-security to inject different AuthenticationManager in different security filter chains ?
先谢谢了
推荐答案
您可以有多个http配置元素,每个元素都有自己的AuthenticationManager
.看起来可能像这样:
You can have multiple http configuration elements, each with its own AuthenticationManager
. It could look like that :
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
private AuthenticationManager authenticationManager1() {
// defines first AuthenticationManager
return authenticationManager;
}
@Bean
private AuthenticationManager authenticationManager2() {
// defines second AuthenticationManager
return authenticationManager;
}
@Configuration
@Order(1)
public static class Uri1ApiConfigurationAdapter extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier(authenticationManager1)
private authManager1;
@Override
protected AuthenticationManager authenticationManager() {
return authManager1;
}
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/URI1/**")
...
}
}
@Configuration
@Order(2)
public static class Uri2ApiConfigurationAdapter extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier(authenticationManager2)
private authManager2;
@Override
protected AuthenticationManager authenticationManager() {
return authManager2;
}
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/URI2/**")
...
}
}
}
这篇关于spring-security java config:如何配置多个AuthenticationManager实例的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!