使用带有 spring-security 的静态编织 [英] Use static weaving with spring-security

问题描述

同事们，在 spring 安全文档我遇到了以下概念:

Colleagues, In the spring security documentation I met following notion:

如果你想保护不是由 Spring 创建的实例(使用例如 new 运算符)，那么您需要使用 AspectJ.

If you want to secure instances which are not created by Spring (using the new operator, for example) then you need to use AspectJ.

谁能告诉我这种用法的可行示例.最好的情况是在静态编织的帮助下完成.

Could anybody please show me workable example of such usage. The best case if this is done with help of static weaving.

先谢谢你！

推荐答案

有一个 Aspectj 示例 在 Spring Security 代码库中.它针对 spring-security-aspects 模块进行编译，然后使用:

There is an Aspectj sample in the Spring Security codebase. It compiles against the spring-security-aspects module and then uses:

<global-method-security secured-annotations="enabled" mode="aspectj" />

启用安全注释.代码非常简单——它实际上只是一组 JUnit 测试.如果你看一看，你会发现这些测试包括对 Spring-bean 实例和使用 new 操作符创建的实例的测试.

to enable secured annotations. The code is very simple - it is really just a set of JUnit tests. If you take a look, you'll see that these include tests for both Spring-bean instances and instances created using the new operator.

如果您想了解 spring-security-aspects 的工作原理，请查看 方面源.

If you want to know how spring-security-aspects works, check out the aspect source.

这篇关于使用带有 spring-security 的静态编织的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！