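Configuring multiple login pages in Spring 3.x

Time: 2011-09-24 15:21:38

Tags: spring spring-security

I am using Spring 3.1 for authentication.

My requirements:

  • Two different login pages. One for customers and the other for employees.
  • After each successful authentication, the user is forwarded to the corresponding success URL.

My Spring Security configuration: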

<sec:http pattern="/resources/**" security="none" />
<sec:http auto-config="true">
    <sec:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <sec:intercept-url pattern="/customer/**" access="ROLE_CUSTOMER" />
    <sec:intercept-url pattern="/employee/**" access="ROLE_EMPLOYEE" />
</sec:http>

<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
    <sec:filter-chain-map path-type="ant">
        <sec:filter-chain pattern="/**"
            filters="authenticationProcessingFilterForCustomer,authenticationProcessingFilterForEmployee" />
    </sec:filter-chain-map>
</bean>

<bean id="authenticationProcessingFilterForCustomer"
    class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationManagerForCustomer" />
    <property name="filterProcessesUrl" value="/j_spring_security_check_for_customer" />
    <property name="authenticationSuccessHandler" ref="customerSuccessHandler" />
    <property name="authenticationFailureHandler" ref="customerFailureHandler" />
</bean>
<bean id="customerSuccessHandler"
    class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
    <property name="defaultTargetUrl" value="/customer/index.html" />
</bean>
<bean id="customerFailureHandler"
    class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
    <property name="defaultFailureUrl" value="/customer.html?login_error=1" />
</bean>
<bean id="authenticationManagerForCustomer"
    class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
        <list>
            <ref bean="customCustomerAuthenticationProvider" />
        </list>
    </property>
</bean>
<bean id="customCustomerAuthenticationProvider" class="com.edu.CustomerCustomAuthenticationProvider">
    <property name="userDetailsService">
        <bean class="com.edu.CustomerUserDetailsService" />
    </property>
</bean>

<bean id="authenticationProcessingFilterForEmployee"
    class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationManagerForEmployee" />
    <property name="filterProcessesUrl" value="/j_spring_security_check_for_employee" />
    <property name="authenticationSuccessHandler" ref="employeeSuccessHandler" />
    <property name="authenticationFailureHandler" ref="employeeFailureHandler" />
</bean>
<bean id="employeeSuccessHandler"
    class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
    <property name="defaultTargetUrl" value="/employee/index.html" />
</bean>
<bean id="employeeFailureHandler"
    class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
    <property name="defaultFailureUrl" value="/employee.html?login_error=1" />
</bean>
<bean id="authenticationManagerForEmployee"
    class="org.springframework.security.authentication.ProviderManager">
    <property name="providers">
        <list>
            <ref bean="customEmployeeAuthenticationProvider" />
        </list>
    </property>
</bean>
<bean id="customEmployeeAuthenticationProvider" class="com.edu.EmployeeCustomAuthenticationProvider">
    <property name="userDetailsService">
        <bean class="com.edu.EmployeeUserDetailsService" />
    </property>
</bean>

<sec:authentication-manager alias="authenticationManager">
    <sec:authentication-provider ref="customCustomerAuthenticationProvider" />
    <sec:authentication-provider ref="customEmployeeAuthenticationProvider" />
</sec:authentication-manager>

Both CustomAuthenticationProviders implement the supports method as follows:

public boolean supports(Class<? extends Object> authentication) {
    return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
}

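After starting the application, when I try to authenticate, the message shown on the login page is:

Your login attempt was not successful, try again.
Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

I am using Spring 3.1. Any help is appreciated.

Thanks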

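3 answers:

Answer 0: (score: 2)

I did something similar in Grails. What you need is:

  1. Extend UsernamePasswordAuthenticationToken and create two subclasses for employee and customer, say EmployeeUsernamePasswordAuthenticationToken and CustomerUsernamePasswordAuthenticationToken
  2. Extend UsernamePasswordAuthenticationFilter to create an instance of either EmployeeUsernamePasswordAuthenticationToken or CustomerUsernamePasswordAuthenticationToken, depending on the current authentication request
  3. Extend AuthenticationProvider for employee and customer, creating two classes, say EmployeeAuthenticationProvider and CustomerAuthenticationProvider, and override each class's supports method to support its target UsernamePasswordAuthenticationToken
  4. You only need one authenticationManager, with both providers registered in it;
  5. You only need one AuthenticationSuccessHandler, in which you can decide which URL to go to
  6. I also created my own AuthenticationEntryPoint instance to support multiple entry points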
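
Steps 1 to 3 of the answer above, sketched for the employee side as an added example (not the answerer's code, and not part of the original post). `EmployeeLoginFilter` is a hypothetical name, and extending `DaoAuthenticationProvider` is an assumption chosen because it accepts the `userDetailsService` property used in the question; the customer side mirrors this with `CustomerUsernamePasswordAuthenticationToken`.

```java
// Added illustration, not code from the original thread.
// EmployeeLoginFilter is a hypothetical name; the token and provider names follow the answer.
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

// Step 1: a marker subclass, so the token records which login form produced it.
class EmployeeUsernamePasswordAuthenticationToken extends UsernamePasswordAuthenticationToken {
    EmployeeUsernamePasswordAuthenticationToken(Object principal, Object credentials) {
        super(principal, credentials);
    }
}

// Step 2: the filter bound to the employee login URL always issues the employee token.
class EmployeeLoginFilter extends UsernamePasswordAuthenticationFilter {
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request,
                                                HttpServletResponse response) {
        // Keep the stock filter's behaviour of rejecting non-POST login attempts.
        if (!"POST".equals(request.getMethod())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }
        String username = obtainUsername(request);
        String password = obtainPassword(request);
        UsernamePasswordAuthenticationToken token = new EmployeeUsernamePasswordAuthenticationToken(
                username == null ? "" : username.trim(),
                password == null ? "" : password);
        setDetails(request, token);
        return getAuthenticationManager().authenticate(token);
    }
}

// Step 3: supports() matches the subclass only, so a shared ProviderManager never hands
// a customer token (or a plain UsernamePasswordAuthenticationToken) to this provider.
class EmployeeAuthenticationProvider extends DaoAuthenticationProvider {
    @Override
    public boolean supports(Class<?> authentication) {
        return EmployeeUsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }
}
```

Because each provider accepts only its own token type, credentials posted to the customer login URL are never checked against the employee user store, even though both providers sit in one authentication manager.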

Answer 1: (score: 1)

Starting with Spring 3.1, you can have as many configurations as you need: https://jira.springsource.org/browse/SEC-1171

Answer 2: (score: 0)

You should point the authenticationManager ref in the 'authenticationProcessingFilterForCustomer' and 'authenticationProcessingFilterForEmployee' beans to the correct bean, i.e. the 'authenticationManager' that has the providers. There is no need to define the 'authenticationManagerForCustomer' and 'authenticationManagerForEmployee' beans.
