外部化Spring Security配置? [英] Externalizing Spring Security configuration?
问题描述
我有一个Web应用程序,该应用程序已经可以与Spring Security的几种不同配置一起使用.但是,这些差异配置都是在我的applicationContext配置文件中设置的.因此,为了在客户站点上进行调整,必须在WAR文件中对其进行修改.如果客户手动修改WAR文件,则在重新部署新的WAR之后,他们将丢失所做的更改.
I have a web application that works with several different configurations of Spring Security already. However, these difference configuration are all setup within my applicationContext configuration file. Therefore, in order to tweak these at a customer site, these would have to be modified INSIDE the WAR file. If customers manually modify the WAR file, then they'll lose their changes after redeploying a new WAR.
是否有一种可以外部化此配置的方法?有什么办法可以使用JNDI加载配置吗?
Is there a way to externalize this configuration? Is there a way I can load the configuration using JNDI somehow?
推荐答案
这是一个有趣的问题.由于应该在根webapp上下文中配置Spring Security,因此您不能将其配置外部化到其他上下文.同样,您不能从上下文内部更改配置资源集.因此,您应该从外部进行操作:
It's an interesting question. Since Spring Security should be configured in root webapp context, you can't externalize its configuration to other contexts. Also you can't change the set of config resources from inside the context. So, you should do it from outside:
-
您可以使用众所周知的文件系统位置:
You can use a well-known file system location:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
file:///C:\config.xml
</param-value>
</context-param>
系统属性在contextConfigLocation中解析,因此您可以使用它:
System properties are resolved in contextConfigLocation, so you can use it:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
file:///${configPath}
</param-value>
</context-param>
和-DconfigPath=...
您可以覆盖XmlWebApplicationContext.getResource()并实现您想要的任何东西:
You can override XmlWebApplicationContext.getResource() and implement whatever you want:
public class MyXmlWebApplicationContext extends XmlWebApplicationContext {
private static final String JNDI_PREFIX = "jndi:/";
@Override
public Resource getResource(String location) {
if (location.startsWith(JNDI_PREFIX)) return getJndiResource(location);
else return super.getResource(location);
}
protected Resource getJndiResource(String location) { ... }
}
和
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
jndi:/...
</param-value>
</context-param>
<context-param>
<param-name>contextClass</param-name>
<param-value>com.example.MyXmlWebApplicationContext</param-value>
</context-param>
这篇关于外部化Spring Security配置?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
