我如何可以验证系统用户在春季安排的进程? [英] How can I authenticate a system user for scheduled processes in Spring?
问题描述
我们有一个石英/ Spring Batch的工作,这对审计日志记录的目的,我们想拥有它认证作为系统用户。我们的一些方法依赖于获取SecurityContext的做到这一点。运行此作业的方式是值得信赖的(或认证)。我们不希望实际使用密码或其他标记(因为该过程基本上总是由石英生成)。
we have a Quartz/Spring Batch job, that for audit logging purposes we'd like to have it "authenticated" as a system user. Some of our methods rely on fetching the SecurityContext to do this. The ways of running this job are trusted (or authenticated). We don't want to actually use a password or other token (since the process is basically always spawned by quartz).
这个我试过
private void authenticate() {
UserDetails admin = userDetailsService.loadUserByUsername( "admin" );
RunAsUserToken token = new RunAsUserToken(
UUID.randomUUID().toString(), admin, admin.getAuthorities(), null , null );
Authentication user = authenticationManager.authenticate( token );
if ( user.isAuthenticated() ) {
SecurityContext sc = new SecurityContextImpl();
sc.setAuthentication( user );
SecurityContextHolder.setContext( sc );
}
}
但它导致了
org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.access.intercept.RunAsUserToken
和我不知道是什么的一些参数的RunAsUserToken做(如钥匙),或者什么,我应该给它的问候证书。
and I'm not sure what some of RunAsUserToken parameters do (e.g. key) or what I should be giving it in regards to Credentials.
我如何验证或以其他方式设置安全上下文,如果它是验证该用户身份?
How can I authenticate or otherwise set the security context as if it was authenticated as this user?
推荐答案
我还没有确定有关的RunAsUserToken。我认为它的目的是当有人已经通过身份验证使用,但是应用程序如何执行的东西另一个用户。
I'm not sure yet about the RunAsUserToken. I think it is intended to be used when someone is already authenticated, but the application what to execute something as another user.
不过,也许你并不真的需要。如果是的话,你可能只是这样做:
But, maybe you don't really need that. If it is the case, you could just do :
Authentication auth = new UsernamePasswordAuthenticationToken(admin.getUsername(), admin.getPassword(), admin.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
然后管理员将进行身份验证。此外,您不需要使用 admin.getPassword()
,因为它不会被检查反正
And then admin will be authenticated. Also, you don't need to use admin.getPassword()
since it won't be checked anyway.
请注意,您不必创建安全环境:它已经存在。我认为这是的ThreadLocal
默认
Note that you don't have to create the security context : it already exists. I think it is ThreadLocal
by default.
这篇关于我如何可以验证系统用户在春季安排的进程?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!