春季安全 - 多个身份验证提供者 [英] Spring Security - multiple authentication-providers

问题描述

我的Web应用程序有多个认证管理器（一个用于API一个用于Web访问）。该API应该有一个基本的认证服务只 - 通过弹簧安全标记配置如下所示：

 ＆LT;？XML版本=1.0编码=UTF-8＆GT？;
＆LT;豆的xmlns =htt​​p://www.springframework.org/schema/beans
XMLNS：XSI =htt​​p://www.w3.org/2001/XMLSchema-instance
的xmlns：安全=htt​​p://www.springframework.org/schema/security
XSI：的schemaLocation =htt​​p://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd\">    ＆LT;安全：认证管理器别名=apiAuthenticationManager＆GT;
        ＆LT;安全：身份验证提供参考=apiAuthenticationProvider/＆GT;
    ＆LT; /安全：认证经理＆gt;    ＆LT;安全：身份验证提供者＆GT;
        ＆LT;安全：用户服务＆GT;
            ＆LT;安全：用户名=apiadmin密码=密码当局=ROLE_API_ADMIN/＆GT;
            ＆LT;安全：用户名=apiuser密码=otherpassword当局=ROLE_API_USER/＆GT;
        ＆LT; /安全：用户服务＆GT;
    ＆LT; /安全：身份验证提供者＆GT;
...
 

因为我希望它是由孩子豆CONFIGS覆写投放我不能内联的认证供应商。

我的问题是，我不能在安全定义别名/ id：验证提供商元素引用它在认证管理器。有一个简单的解决方法呢？

解决方案：

我终于想通了如何使用命名空间的方式来做到这一点，而不深入到纯豆配置：）

 ＆LT;安全：用户服务ID =apiUserDetailsS​​ervice＆GT;
    ＆LT;安全：用户名=apiadmin密码=密码当局=ROLE_API_ADMIN/＆GT;
    ＆LT;安全：用户名=apiuser密码=otherpassword当局=ROLE_API_USER/＆GT;
    ＆LT; /安全：用户服务＆GT;＆LT;安全：认证管理器别名=apiAuthenticationManager＆GT;
    ＆LT;安全：身份验证提供用户服务-REF =apiUserDetailsS​​ervice/＆GT;
＆LT; /安全：认证经理＆gt;
 

解决方案

请记住，这个春季安全XML命名空间是组织你的XML只是一种巧妙的方法。你可以达到正好与普通的＆LT相同的解决方案;豆＆GT; 配置。这样，你就可以使用ID，一如往常。 本博客文章可能对你有帮助

My web app has multiple authentication managers (one for API one for WEB access). The api should have a basic auth service only - configured via the spring security markup as seen below:

    <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <security:authentication-manager alias="apiAuthenticationManager">
        <security:authentication-provider ref="apiAuthenticationProvider" />
    </security:authentication-manager>

    <security:authentication-provider >
        <security:user-service>
            <security:user name="apiadmin" password="password" authorities="ROLE_API_ADMIN" />
            <security:user name="apiuser" password="otherpassword" authorities="ROLE_API_USER" />
        </security:user-service>
    </security:authentication-provider>
...

i can not inline the authentication-provider since i want it to be overrideable by child-bean configs.

my problem is that i can not define an alias/id on the security:authentication-provider element to reference it in the authentication-manager. Is there an easy workaround for this?

Solution:

i finally figured out how to do it using the namespace-way without diving into plain bean config :)

<security:user-service id="apiUserDetailsService"> 
    <security:user name="apiadmin" password="password" authorities="ROLE_API_ADMIN" />
    <security:user name="apiuser" password="otherpassword" authorities="ROLE_API_USER" />
    </security:user-service>

<security:authentication-manager alias="apiAuthenticationManager">
    <security:authentication-provider user-service-ref="apiUserDetailsService"/>
</security:authentication-manager>

解决方案

Please keep in mind that this Spring Security XML namespace is just a neat way of organizing your XML. You could achieve exactly the same solution with plain <bean> config. That way you will be able to use ID, as usual. This blog post might be helpful for you.

这篇关于春季安全 - 多个身份验证提供者的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！