是否有可能在不同的servlet,同一个WAR使用不同的Spring Security的AuthenticationProvider? [英] Is it possible to use a different Spring Security AuthenticationProvider in different servlets, same WAR?
问题描述
我有一个运行两个servlet一个WAR。 One提供AMF的远程处理到Flex客户端和其他SOAP / HTTP Web服务客户。我现在有春季安全配置使用需要把DaoAuthenticationProvider验证Flex客户端。不过,我想使用一个不同的身份验证提供对SOAP / HTTP。可能是基本的身份验证或一些其他形式。
I have a single WAR that runs two servlets. One provides AMF remoting to Flex clients and other SOAP/HTTP to web service clients. I currently have Spring Security configured to authenticate the Flex clients using DaoAuthenticationProvider. However, I'd like to use a different authentication provide for the SOAP/HTTP. Possibly basic authentication or some other form.
这可能吗?或者我需要两战?
Is it possible? or do I need two WARs?
推荐答案
我想你会用实例化两个安全过滤器链遇到问题的问题。问题是,在<&HTTP GT; 元素构造一个具有硬连线的bean名称(是springSecurityFilterChain)中的安全过滤器链。如果你有一个以上的活跃< HTTP方式> 在webapp的春天CONFIGS元素,这很可能会失败。
I think you'll run into problems issues with instantiating two security filter chains. The problem is that the <http> element constructs a security filter chain with a hard-wired bean name ("springSecurityFilterChain"). If you have more than one active <http> element in the webapp's spring configs, this is likely to fail.
在理论上可以解决此通过不使用SpringSecurity命名空间和配置过滤器链手动使用SpringSecurity类纯的Spring XML接线。在实践中,配置SpringSecurity这种方式是很难的。
In theory you could work around this by not using the SpringSecurity namespace and configuring the filter chains "by hand" using plain Spring XML wiring of the SpringSecurity classes. In practice, configuring SpringSecurity that way is hard.
这篇关于是否有可能在不同的servlet,同一个WAR使用不同的Spring Security的AuthenticationProvider?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
