如何使用Spring Security命名空间设置和配置ProviderManager？ [英] How to set-up and configure a ProviderManager using Spring Security namespace?

问题描述

Spring文档说 ProviderManager 是 AuthenticationManager 的默认实现，但是是<$ c的实例$ c> ProviderManager 由安全命名空间自动创建和连接？

Spring documentation says that ProviderManager is the default implementation of the AuthenticationManager, but is an instance of ProviderManager automatically created and wired by the security namespace?

换句话说，这样的配置是否会自动创建<$ c的实例$ c> ProviderManager ：

In other words, will such configuration automatically create an instance of ProviderManager:

<authentication-manager>
    <authentication-provider>
       <password-encoder hash="md5"/>
       <jdbc-user-service data-source-ref="dataSource"/>
    </authentication-provider>
</authentication-manager>

否则，我需要做什么（或申报）？

Else, what do I need to do (or declare)?

假设我想插入我自己的 AuthenticationManager 的实现，我将如何使用命名空间配置它？

Assuming I would want to plug my own implementation of AuthenticationManager, how would I configure this using the namespace?

我还想指定哪个 AuthenticationProvider 应该在 ProviderManager 中注册。我找到了以下配置代码：

I also want to specify which AuthenticationProvider should be registered in the ProviderManager. I have found the following piece of configuration code:

<bean id="authenticationManager"
    class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
        <list>
            <ref local="daoAuthenticationProvider"/>
            <ref local="anonymousAuthenticationProvider"/>
        </list> 
    </property>
</bean>

但这还够吗？声明 AuthenticationProvider 列表的正确方法是什么？关于这个问题，文档不是很清楚和完整。

But is it enough? What is the right way to declare the list of AuthenticationProvider? Documentation is not very clear and complete regarding this issue.

推荐答案

换句话说，这样的配置是否会自动创建
的ProviderManager实例：

In other words, will such configuration automatically create an instance of ProviderManager:

根据附录的B2部分，答案是肯定的。

According to section B2 of the appendix, the answer is yes.

假设我想插入我自己的
AuthenticationManager实现，如何使用命名空间配置它？

Assuming I would want to plug my own implementation of AuthenticationManager, how would I configure this using the namespace?

根据B.3.1节：

<global-method-security authentication-manager-ref="..." >

声明AuthenticationProvider列表的正确方法是什么？

What is the right way to declare the list of AuthenticationProvider?

来自博客文章，而不是使用< authentication-manager> ...< / authentication-manager> ，应该使用与此类似的东西：

From a blog post, instead of using <authentication-manager> ... </authentication-manager>, one should use something like similar to this:

<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
        <list>
            <ref bean="authenticationProvider" />
            <ref bean="anonymousProvider" />
        </list>
    </property>
</bean>

<bean id="authenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
    <property name="passwordEncoder">
        <bean class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
    </property>
    <property name="userDetailsService" ref="userService" />
</bean>

<bean id="anonymousProvider" class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
    <property name="key" value="SomeUniqueKeyForThisApplication" />
</bean>

这篇关于如何使用Spring Security命名空间设置和配置ProviderManager？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！