使用SSL的基于HTTP的元数据提供程序 - 使用MethodInvokingFactoryBean进行基于Java的配置

时间:2016-06-16 11:17:37

标签: spring-saml

我正在学习 https://github.com/vdenotaris/spring-boot-security-saml-sample 中的示例,但不明白作者为什么在WebSecurityConfig中同时使用MethodInvokingFactoryBean和TLSProtocolConfigurer。它们之间有什么区别?这两种方式各自创建bean后得到的结果基本相同,而且TLSProtocolConfigurer已经覆盖了MethodInvokingFactoryBean的结果。

com.vdenotaris.spring.boot.security.saml.web.config.WebSecurityConfig

/**
 * Creates the key manager backed by the JKS keystore shipped on the classpath
 * at {@code /saml/samlKeystore.jks}, with {@code apollo} as the default key.
 *
 * @return a {@link JKSKeyManager} built from the keystore resource, the store
 *         password, the per-alias key passwords and the default key alias
 */
@Bean
public KeyManager keyManager() {
    // SECURITY NOTE(review): the keystore password and the private-key password
    // are literals compiled into the class, and the keystore itself is bundled
    // in the artifact. Acceptable for a sample only; a real deployment should
    // load these from external configuration or a secret store and use its own
    // key material rather than the one published with the sample.
    final String keystorePassword = "nalle123";
    final String defaultAlias = "apollo";

    // Alias -> password for the private keys held in the keystore.
    Map<String, String> keyPasswords = new HashMap<>();
    keyPasswords.put("apollo", "nalle123");

    Resource keystore = new DefaultResourceLoader()
            .getResource("classpath:/saml/samlKeystore.jks");

    return new JKSKeyManager(keystore, keystorePassword, keyPasswords, defaultAlias);
}

/**
 * Exposes a {@link TLSProtocolConfigurer} bean with its default settings.
 *
 * <p>As the listing of that class shows, its {@code afterPropertiesSet()}
 * registers a {@code Protocol} under its configured protocol name
 * ({@code "https"} by default) using the autowired {@code KeyManager}.
 *
 * @return a new, unconfigured {@link TLSProtocolConfigurer}
 */
@Bean
public TLSProtocolConfigurer tlsProtocolConfigurer() {
    TLSProtocolConfigurer configurer = new TLSProtocolConfigurer();
    return configurer;
}

/**
 * Creates the TLS socket factory used for HTTPS connections, backed by the
 * SAML key manager.
 *
 * @return a {@link TLSProtocolSocketFactory} using {@link #keyManager()}
 */
@Bean
public ProtocolSocketFactory socketFactory() {
    KeyManager samlKeys = keyManager();
    // Second argument is the trusted-key set and is left null here.
    // NOTE(review): presumably null means every certificate in the keystore is
    // trusted for TLS; confirm against the Spring SAML documentation and
    // restrict the set if the keystore holds more than the intended anchors.
    // Third argument is the hostname-verification mode ("default").
    return new TLSProtocolSocketFactory(samlKeys, null, "default");
}

/**
 * Wraps {@link #socketFactory()} in a {@link Protocol} definition for the
 * {@code https} scheme on port 443.
 *
 * @return the {@code https} protocol descriptor
 */
@Bean
public Protocol socketFactoryProtocol() {
    ProtocolSocketFactory tlsFactory = socketFactory();
    Protocol httpsProtocol = new Protocol("https", tlsFactory, 443);
    return httpsProtocol;
}

/**
 * Builds a factory bean configured to call the static method
 * {@code Protocol.registerProtocol("https", socketFactoryProtocol())}.
 *
 * <p>The registration is keyed by the scheme name {@code "https"}, the same
 * name {@code TLSProtocolConfigurer} uses by default, so both beans target the
 * same registry entry.
 *
 * @return the configured {@link MethodInvokingFactoryBean}
 */
@Bean
public MethodInvokingFactoryBean socketFactoryInitialization() {
    MethodInvokingFactoryBean registrar = new MethodInvokingFactoryBean();
    // Static invocation: only a target class and method name are set, no target object.
    registrar.setTargetClass(Protocol.class);
    registrar.setTargetMethod("registerProtocol");
    registrar.setArguments(new Object[] {"https", socketFactoryProtocol()});
    return registrar;
}

org.springframework.security.saml.trust.httpclient.TLSProtocolConfigurer

// Scheme name under which afterPropertiesSet() registers the Protocol.
private String protocolName = "https";

// Default port given to the registered Protocol.
private int protocolPort = 443;

// Key manager handed to TLSProtocolSocketFactory; injected through setKeyManager().
private KeyManager keyManager;

// Hostname-verification mode passed to TLSProtocolSocketFactory.
// NOTE(review): keep this on a verifying mode; the accepted values are defined
// by Spring SAML and are not shown in this excerpt.
private String sslHostnameVerification = "default";

// Trusted-key set passed to TLSProtocolSocketFactory. Nothing in this excerpt
// assigns it, so it is null unless a setter outside the excerpt is called.
// NOTE(review): presumably null trusts every key in the key manager; confirm.
private Set<String> trustedKeys;

/**
 * Registers a TLS-backed {@link Protocol} under {@code protocolName} once the
 * bean's properties have been set.
 *
 * <p>{@code Protocol.registerProtocol} is a static call keyed by the protocol
 * name, so this registration is not scoped to this bean.
 * NOTE(review): presumably a later registration under the same name replaces
 * an earlier one; confirm against the HttpClient version in use.
 *
 * @throws Exception declared by the overridden callback
 */
@Override
public void afterPropertiesSet() throws Exception {
    Protocol tlsProtocol = new Protocol(
            protocolName,
            new TLSProtocolSocketFactory(keyManager, trustedKeys, sslHostnameVerification),
            protocolPort);
    Protocol.registerProtocol(protocolName, tlsProtocol);
}

/**
 * Sets the key manager that afterPropertiesSet() passes to the TLS socket
 * factory. Annotated with {@code @Autowired}, so the container supplies the
 * {@link KeyManager} bean.
 *
 * @param keyManager key manager to use for the TLS socket factory
 */
@Autowired
public void setKeyManager(KeyManager keyManager) {
    this.keyManager = keyManager;
}

请你告诉我我错过了什么?

0 个答案:

没有答案