替代弹簧安全的Java(春) [英] Alternatives to spring-security in Java (spring)
问题描述
我正在寻找一个良好的安全框架,允许注释基于参数访问规则的方法。
Basicly我要检查,如果通过身份验证的用户可以调用一定的方法与特定对象作为参数。</ P>
春季安全将成为我的需要,但由于这(<一个href=\"http://forum.springsource.org/showthread.php?125300-$p$pAuthenticate-not-having-any-effekt\">spring论坛)我是寻找替代品,如果我无法得到它的工作。
要求:
- 根据配置或注释方法的安全性,我希望避免思想促进我的安全code INSITE我的服务方法
- 规则基于的方法的参数,简单的基于角色的安全是不够
- 春季开箱即用支持的是一个加号
任何建议?
阿帕奇四郎矗立在竞争中的Spring Security。比较容易,占地面积。
请参见 href=\"http://shiro.apache.org/spring.html\">。
I'm looking for a good security framework that allows to annotate parameter based access rules to methods.
Basicly i want to check if the authenticated user is allowed to call a certain method with a specific object as a parameter.
Spring security would serve my needs but because of this (spring forum) i'm looking for alternatives if i'm unable to get it to work.
Requirements:
- method security based on config or annotations, i want to avoid puting my security code insite my service methods
- rules are based on parameters of the methods, simple role based security is not enough
- spring support out of the box is a plus
Any recommendations?
Apache Shiro stands in competition to Spring Security. Is easier, covers more. See here.
这篇关于替代弹簧安全的Java(春)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!