Question

我试图将以下xml转换为java配置，但与sec：authentication-manager标记中的alias参数混淆。我已经参与了java配置的部分工作，如果有人可以帮助我进行其余的配置，我将不胜感激。

Xml配置

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:sec="http://www.springframework.org/schema/security"

       xsi:schemaLocation="http://www.springframework.org/schema/beans
                      http://www.springframework.org/schema/beans/spring-beans.xsd
                      http://www.springframework.org/schema/security
                      http://www.springframework.org/schema/security/spring-security.xsd">

    <bean id="passwordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>

    <sec:authentication-manager alias="userAuthenticationManager">
        <sec:authentication-provider user-service-ref="userService">
            <sec:password-encoder ref="passwordEncoder"/>
        </sec:authentication-provider>
    </sec:authentication-manager>

    <sec:authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
        <sec:authentication-provider user-service-ref="client-details-user-service"/>
    </sec:authentication-manager>


    <bean id="client-details-user-service" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
        <constructor-arg ref="client-details-service" />
    </bean>

</beans>

转换部分

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Autowired
    private ClientDetailsService clientDetailsService;

    @Autowired
    private UserRepository userRepository;

    @Autowired
    private Validator validator;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        // TODO Auto-generated method stub
        return super.authenticationManager();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth)
            throws Exception {
        auth.userDetailsService(userDetailsService());
    }


       @Bean
        public UserDetailsService userDetailsService() {
            return new UserServiceImpl(userRepository, validator, passwordEncoder);
        } 



}

Answer 1

alias标记用于标识此特定身份验证管理器。如果您在java-config中不需要此功能，则可以尝试以下操作：

@Autowired
private StandardPasswordEncoder standardPasswordEncoder;

@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(principalService).passwordEncoder(standardPasswordEncoder);
    auth.authenticationProvider(preAuthenticatedAuthenticationProvider());
}

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
   auth.userDetailsService(principalService).passwordEncoder(passwordEncoder);
   auth.authenticationProvider(preAuthenticatedAuthenticationProvider());
}

@Bean
public PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider(){
    PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
    preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(preAuthenticationUserDetailService);
    return preAuthenticatedAuthenticationProvider;
}

修改

如果您想要多重身份验证管理器，请检查以下答案： https://stackoverflow.com/a/26308661/1809221

Answer 2

Java配置可以与XML中的命名空间配置相同。

我建议您在@Configuration课程中遵循以下规则：

在xml中使用<bean ...>声明的所有内容都应该是java config中的@Bean
在此xml中定义的所有bean应该是@Autowired

由于xml中有2个不同的身份验证管理器，您应该在Java配置中明确地创建它们，因为@ManuZi引用的other question表示如果您尝试配置2个不同的{{1}，则springSecurityFilterChain的实例化会失败通过基本的java配置，你最好使用AuthenticationManager注释显式注入。

如何将spring security xml配置转换为java配置？

Xml配置

转换部分

2 个答案: