切换认证在运行时接近使用Spring Security? [英] Switching authentication approaches at runtime with Spring Security?
问题描述
通常情况下,当你声明不同的<身份验证提供者>中为您的应用程序(在我的情况的webapp),春季安全负责调用陆续供应商之一,柜面失败的。所以,说我有DatabaseAuthenticationProvider和LdapAuthenticationProvider可疑与DatabaseAuthenticationProvider宣布首先在配置文件中,在运行时,DatabaseAuthenticationProvider被调用第一,如果验证失败,LDAPAuthentication被尝试。这是很酷的 - 但是,我需要的是一个运行时开关。
Typically, when you declare different "<authentication-provider>" for your application (webapp in my case), Spring Security takes care of invoking providers one after another, incase of failure. So, say I have DatabaseAuthenticationProvider and LDAPAuthenticationProvider with DatabaseAuthenticationProvider declared first in the config file, at runtime, DatabaseAuthenticationProvider is invoked first and if authentication fails, LDAPAuthentication is tried. This is cool - However, what I need is a runtime switch.
我想有这两种方法(基于数据库的认证/ LDAP身份鉴别),并以某种方式之间的艇员选拔的型开关选项基于thsi全局设置的实施。
I would like to have an option of chosing between these two approaches (database based authentication / ldap based authentication) and somehow swith the implementation based on thsi global setting.
我该怎么办呢?与Spring-Security是它甚至可能吗?
How do I do it? Is it even possible with Spring-Security?
推荐答案
我会留下怎样自定义的验证提供给注入的例子从<一个其他无数href=\"http://www.google.com/search?q=spring+security+custom+authentication+provider&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla%3aen-US%3aofficial&client=firefox-a\"相对=nofollow> Googleland 并在这里<一个href=\"http://stackoverflow.com/questions/448204/creating-a-custom-authentication-with-acegi-spring-security\">StackOverflow.它看起来像它具有标识与XML一个特定的bean做。但是希望我能在一些其他细节填充你。
I will leave how to inject your own custom authentication provider to the other myriad of examples from Googleland and here on StackOverflow. It looks like it has to do with marking a particular bean with the xml. But hopefully I can fill in some of the other details for you.
所以,你定义的类有点像上面我会添加更多的细节,你需要为Spring(即从上方以及合并的东西。
So you've defined the class somewhat like above and I'll add more of the details that you'll need for Spring (i.e. merge the stuff from above as well.
public class SwitchingAuthenticationProvider implements AuthenticationProvider
{
....
public List<AuthenticationProvider> getProviders() { return delegateList; }
public void setProviders(List<AuthenticationProvider> providers) {
this.delegateList = providers;
}
....
}
这将允许您使用注入春天提供商的主机:
This will allow you to inject a host of providers using spring:
<bean id="customAuthProvider1" class=".....CustomProvider1"> ... </bean>
<bean id="customAuthProvider2" class=".....CustomProvider2"> ... </bean>
...
<bean id="customAuthProviderX" class=".....CustomProviderX"> ... </bean>
<bean id="authenticationProvider" class="....SwitchingAuthenticationProvider">
<security:custom-authentication-provider/>
<!-- using property injection (get/setProviders) in the bean class -->
<property name="providers">
<list>
<ref local="customAuthProvider1"/> <!-- Ref of 1st authenticator -->
<ref local="customAuthProvider2"/> <!-- Ref of 2nd authenticator -->
...
<ref local="customAuthProviderX"/> <!-- and so on for more -->
</list>
</property>
</bean>
在你如何填充供应商原本可以得到委托人提供程序的集合的任何手段结束。他们是如何映射到要使用哪一个是你的。集合可以是命名映射的基础上,委托者的当前状态。它可以是一个以上的尝试的列表。这可能是两个属性,GET / setPrimary和获取/ setSecondary为故障转移一样的功能。一旦你已经委托者注入的可能性是由你。
In the end how you populate the providers could be any means of getting the delegator a collection of providers. How they map up to which one to use is up to you. The collection could be a named mapped, based on the current state of the delegator. It could be a list of more than one to try. It could be two properties, "get/setPrimary" and "get/setSecondary" for fail-over like functionality. Once you have the delegator injected the possibilities are up to you.
让我知道,如果这不是回答你的问题。
Let me know if this isn't answering your question.
这篇关于切换认证在运行时接近使用Spring Security?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
