我试图将以下xml转换为java配置,但与sec:authentication-manager标记中的alias
参数混淆。我已经参与了java配置的部分工作,如果有人可以帮助我进行其余的配置,我将不胜感激。
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<bean id="passwordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/>
<sec:authentication-manager alias="userAuthenticationManager">
<sec:authentication-provider user-service-ref="userService">
<sec:password-encoder ref="passwordEncoder"/>
</sec:authentication-provider>
</sec:authentication-manager>
<sec:authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
<sec:authentication-provider user-service-ref="client-details-user-service"/>
</sec:authentication-manager>
<bean id="client-details-user-service" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="client-details-service" />
</bean>
</beans>
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{
@Autowired
private ClientDetailsService clientDetailsService;
@Autowired
private UserRepository userRepository;
@Autowired
private Validator validator;
@Autowired
private PasswordEncoder passwordEncoder;
@Override
protected AuthenticationManager authenticationManager() throws Exception {
// TODO Auto-generated method stub
return super.authenticationManager();
}
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth.userDetailsService(userDetailsService());
}
@Bean
public UserDetailsService userDetailsService() {
return new UserServiceImpl(userRepository, validator, passwordEncoder);
}
}
答案 0 :(得分:0)
alias
标记用于标识此特定身份验证管理器。如果您在java-config
中不需要此功能,则可以尝试以下操作:
@Autowired
private StandardPasswordEncoder standardPasswordEncoder;
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(principalService).passwordEncoder(standardPasswordEncoder);
auth.authenticationProvider(preAuthenticatedAuthenticationProvider());
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(principalService).passwordEncoder(passwordEncoder);
auth.authenticationProvider(preAuthenticatedAuthenticationProvider());
}
@Bean
public PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider(){
PreAuthenticatedAuthenticationProvider preAuthenticatedAuthenticationProvider = new PreAuthenticatedAuthenticationProvider();
preAuthenticatedAuthenticationProvider.setPreAuthenticatedUserDetailsService(preAuthenticationUserDetailService);
return preAuthenticatedAuthenticationProvider;
}
修改强>
如果您想要多重身份验证管理器,请检查以下答案: https://stackoverflow.com/a/26308661/1809221
答案 1 :(得分:0)
Java配置可以与XML中的命名空间配置相同。
我建议您在@Configuration
课程中遵循以下规则:
<bean ...>
声明的所有内容都应该是java config中的@Bean
由于xml中有2个不同的身份验证管理器,您应该在Java配置中明确地创建它们,因为@ManuZi引用的other question表示如果您尝试配置2个不同的{{1},则springSecurityFilterChain的实例化会失败通过基本的java配置,你最好使用AuthenticationManager
注释显式注入。