如何在MVC配置中允许匿名twitter连接 [英] How to allow anonymous twitter connections in an MVC configuration

问题描述

使用
- spring-social 1.1.4
- spring-social-twitter 1.1.2
- spring-mvc-4.2
- on tomcat 7

Using - spring-social 1.1.4 - spring-social-twitter 1.1.2 - spring-mvc-4.2 - on tomcat 7

下面是我的MVC应用程序的tomcat配置，包括twitter设置和usersConnectionRepository。

Below is my tomcat config for my MVC Application including twitter set up and usersConnectionRepository.

这对于记录的一切正常在MVC用户中。

This is all working fine for the logged in MVC user.

当我想允许客户端从非MVC认证用户可用的公共链接发送推文时，问题出现了。 （＃{request.userPrincipal.name}将为null）

The problem for me arises when I want to allow clients to tweet from a public link available to non MVC authenticated users. (#{request.userPrincipal.name} will be null)

我看了很多例子。
大多数例子使用旧的1.0.0 spring-social。
我注意到spring-social- twitter 的新1.1.2版本没有零参数Twitter（）构造函数，在某些示例中显示为一种工作方式没有connectionRepository。

I have looked through many examples. Most examples use old 1.0.0 spring-social. I noticed that the new 1.1.2 version of spring-social-twitter Does not have a zero argument Twitter() constructor, which is in some examples is shown to be a way to work without the connectionRepository.

我正在寻找一种配置或编码选项的方法，以允许用户登录我的应用程序和匿名用户使用我网站上的某些选项。

I am looking for a way to configure or code an option to allow both user logged in to my app and anonymous users to use some options on my site.

在下面的配置中，被重定向到connect / twitter的匿名用户将导致获取connetionRepository时出现问题。
usersConnectionRepository必须有一个＃{request.userPrincipal.name}，因为我的connectController依赖于此。

In the configuration below an anonymous user being redirected to connect/twitter will result in a problem getting a connetionRepository. usersConnectionRepository must have a "#{request.userPrincipal.name}" because my connectController relies on this.

我想也许我需要一个自定义连接控制器...
必须有一个正确的方法。

I am thinking maybe I need a custom connect controller... There must be a correct approach to this.

欢迎任何建议。

我的web.xml

    <listener>
  <listener-class>
          org.springframework.web.util.Log4jConfigListener
      </listener-class>
</listener>


<display-name>Central Portal</display-name>

<context-param>  
    <param-name>spring.profiles.active</param-name>  
    <param-value>dev</param-value>  
</context-param>  
<context-param>  
    <param-name>spring.profiles.default</param-name>  
    <param-value>dev</param-value>  
</context-param>
<context-param>  
    <param-name>spring.liveBeansView.mbeanDomain</param-name>  
    <param-value>dev</param-value>  
</context-param> 

<!-- Spring MVC -->
<servlet> 
    <servlet-name>mvc-dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>mvc-dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

<error-page>
    <error-code>500</error-code>
    <location>/WEB-INF//pages/error.jsp</location>
</error-page>

<error-page>
    <error-code>404</error-code>
    <location>/WEB-INF/pages/error.jsp</location>
</error-page>

<error-page>
    <location>/WEB-INF/pages/error.jsp</location>
</error-page>
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
        /WEB-INF/spring-security.xml,
        /WEB-INF/spring-database.xml   
    </param-value>
</context-param> 



<!-- Enable POST  --> 
<filter>
    <filter-name>hiddenHttpMethodFilter</filter-name>
    <filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>

<filter-mapping>
    <filter-name>hiddenHttpMethodFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>


<!-- Spring Security -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- Concurrency listener -->
<listener>
    <listener-class>
        org.springframework.security.web.session.HttpSessionEventPublisher
    </listener-class>
</listener>

一位java配置

one bit of java config

mvc-dispatcher-servlet.xml

mvc-dispatcher-servlet.xml

<context:component-scan base-package="org.schoolit.usermanager.config" /> 

<!-- component-scan / controllers -->
<context:component-scan base-package="org.schoolit.webapplication.*" />
<context:component-scan base-package="org.schoolit.spring.social.*"/>

<!-- property-placeholder's  -->
<context:property-placeholder location="classpath:oauth.properties"/>

<!-- resource mapping  -->
<mvc:resources mapping="/gen/**" location="/WEB-INF/gen/" cache-period="31556926"/>
<mvc:resources mapping="/resources/**" location="/WEB-INF/resources/" cache-period="31556926"/>

<!-- JSP ViewResolver -->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
    <property name="prefix">
        <value>/pages/</value>
    </property>
    <property name="suffix">
        <value>.jsp</value>
    </property>
</bean>

<!-- twitter stuff start --> 
<bean id="handlerExceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
    <property name="exceptionMappings">
        <props>
            <prop key="Exception">error</prop>
        </props>
    </property>
</bean> 

 <bean id="twitterTemplate" 
    class="org.springframework.social.twitter.api.impl.TwitterTemplate">
    <constructor-arg value="${twitter.oauth.consumerKey}"/>
    <constructor-arg value="${twitter.oauth.consumerSecret}"/>
<!--<constructor-arg value="${twitter.oauth.accessToken}"/>
    <constructor-arg value="${twitter.oauth.accessTokenSecret}"/>   --> 
</bean> 



<bean id="connectionFactoryLocator" class="org.springframework.social.connect.support.ConnectionFactoryRegistry">
    <property name="connectionFactories">
        <list>
            <bean class="org.springframework.social.twitter.connect.TwitterConnectionFactory">
                <constructor-arg value="${twitter.oauth.consumerKey}" />
                <constructor-arg value="${twitter.oauth.consumerSecret}" />          
            </bean>
        </list>
    </property>
</bean>  


<bean id="connectionRepository" factory-method="createConnectionRepository" factory-bean="usersConnectionRepository" scope="request">
    <constructor-arg value="#{request.userPrincipal.name}" />
    <aop:scoped-proxy proxy-target-class="true" />
</bean>

<bean id="usersConnectionRepository" 
      class="org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository">
    <constructor-arg ref="dataSource" />
    <constructor-arg ref="connectionFactoryLocator" />
    <constructor-arg ref="textEncryptor" />
</bean>

<bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors" 
            factory-method="noOpText" />

 <bean id="connectController" class="org.springframework.social.connect.web.ConnectController">
    <constructor-arg ref="connectionFactoryLocator"/>
    <constructor-arg ref="connectionRepository"/>
    <property name="applicationUrl" value="http://localhost:8080/CentralPortal/" />
    <property name="connectInterceptors">
            <list> 
                <bean class="org.schoolit.spring.social.TweetAfterConnectInterceptor"/>
            </list>
    </property> 
</bean>       

spring-database.xml

spring-database.xml

    <!-- App's dataSource used by jdbcTemplate,jdbc-user-service and connectController -->
<bean id="dataSource"
    class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/spring_me" />
    <property name="username" value="root" />
    <property name="password" value="<mypassword>" />
</bean>

<!-- jdbcTemplate used in usermanager bit only for now. --> 
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate">
    <constructor-arg ref="dataSource" /> 
</bean>

spring-security.xml

spring-security.xml

  <!-- enable use-expressions -->
<http auto-config="true" use-expressions="true"> 

    <!-- Set up rolefilter's for requestmapping's -->
    <intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />
    <intercept-url pattern="/usermanager**" access="hasRole('ROLE_ADMIN')" />  
    <intercept-url pattern="/users**" access="hasRole('ROLE_ADMIN')" />


    <!-- access denied page --> 
    <access-denied-handler error-page="/403" /> 
    <!-- loginform-setup Spring Security -->
    <form-login 
        login-page="/login" 
        default-target-url="/home" 
        login-processing-url="/j_spring_security_check"
        authentication-failure-url="/login?error" 
        username-parameter="username"
        password-parameter="password" /> 
    <logout logout-success-url="/login?logout"  />

    <!-- enable csrf protection default is enabled from 4.0 spring 
    <csrf /> <csrf disabled="true"/>  -->
     <csrf request-matcher-ref="connect/*" disabled="true"/>

    <!-- Prevent Clickjacking iframe's  --> 
    <headers>
        <frame-options policy="SAMEORIGIN"/> 
    </headers>  
    <!-- One login per username should be one set to 5 for testing-->
    <session-management>
        <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/login?error"   /> 
    </session-management>
</http>

<!-- Select users and user_roles from database -->
<authentication-manager>
    <authentication-provider>
    <password-encoder ref="encoder" />
        <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="select username,password, enabled from users where username=?"
            authorities-by-username-query="select username, role from user_roles where username =?  " />
    </authentication-provider>
</authentication-manager>

<!-- encoder bean. Used for password encryption -->
<beans:bean id="encoder" 
    class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
    <beans:constructor-arg name="strength" value="11" />
</beans:bean>

推荐答案

我看到你有 twitterTemplate bean配置，如果你能够在应用程序中使用它，你将不需要做任何其他事情。

I see that you have twitterTemplate bean configured, if you are able to use it in the application you won't need to do anything else.

使用 TwitterTemplate 而不是 Twitter 。
TwitterTemplate 实现 Twitter 界面，因此所有方法都可用。

Use TwitterTemplate instead of Twitter. TwitterTemplate implements Twitter interface, so all methods are available.

示例：

//1. Search Twitter
SearchResults results = twitterTemplate.searchOperations().search("#WinterIsComing");
List<Tweet> tweets = results.getTweets();
int i =0;
for (Tweet tweet : tweets) {
    System.out.println(tweet.getUser().getName() + " Tweeted : "+tweet.getText() + " from " + tweet.getUser().getLocation() 
            + " @ " + tweet.getCreatedAt() + tweet.getUser().getLocation()  );
}

//2. Search Place by GeoLocation        
RestTemplate restTemplate = twitterTemplate.getRestTemplate();
GeoTemplate geoTemplate = new GeoTemplate(restTemplate, true, true);
List<Place> place = geoTemplate.search(37.423021, -122.083739);
for (Place p : place) {
    System.out.println(p.getName() + " " + p.getCountry() + " "+p.getId());
}           

//3. Get Twitter UserProfile
TwitterProfile userProfile = twitterTemplate.userOperations().getUserProfile();
System.out.println(userProfile.getName()+" has " +userProfile.getFriendsCount() + " friends");

使用 TwitterTemplate ，用户不需要登录。希望这有帮助！

Using TwitterTemplate, users don't need to login. Hope this helps!

这篇关于如何在MVC配置中允许匿名twitter连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！