I have set up a custom authentication provider:

    @Configuration
    @EnableWebSecurity
    @EnableGlobalAuthentication
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        @Autowired
        @Qualifier("samlAuthenticationProvider")
        SAMLAuthenticationProvider samlAuthenticationProvider;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            /**
             * Do your stuff here
             */
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(samlAuthenticationProvider);
        }
    }

Now I would like to set an alias for the authentication manager, and then autowire it in another bean definition.

For example:

    <!-- Register authentication manager with SAML provider -->
    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider
            ref="samlAuthenticationProvider" />
    </security:authentication-manager>

    <!-- Processing filter for WebSSO Holder-of-Key profile -->
    <bean id="samlWebSSOHoKProcessingFilter"
          class="org.springframework.security.saml.SAMLWebSSOHoKProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationSuccessHandler" ref="successRedirectHandler" />
    </bean>

Is there a way to do this using Java Config only?

Answer 0 (score: 5)

I'm not very comfortable with the new Security Java Config, but here is what I see from the source code:

    @Import(AuthenticationConfiguration.class)
    public @interface EnableGlobalAuthentication {}

This annotation imports AuthenticationConfiguration, which is also a @Configuration. Any @Configuration is registered as a bean as well. So, from WebSecurityConfigurerAdapter, you can do this:

    @Autowired
    public void setAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration) {
        this.authenticationConfiguration = authenticationConfiguration;
    }

and get access to the AuthenticationManager:

    this.authenticationConfiguration.getAuthenticationManager();

From the XML perspective, you can use SpEL to access the authenticationManager:

    <property name="authenticationManager" value="#{authenticationConfiguration.authenticationManager}" />

Sorry, I don't see where the AuthenticationManager is registered as a bean. From here, you can't configure an alias for it.

Update

By the way, if you are going to @Autowired the AuthenticationManager into some other component, @Value comes to the rescue:

    @Value("#{authenticationConfiguration.authenticationManager}")
    private AuthenticationManager authenticationManager;

Update 2

Found it in WebSecurityConfigurerAdapter. Source code and JavaDocs:

    /**
     * Override this method to expose the {@link AuthenticationManager} from
     * {@link #configure(AuthenticationManagerBuilder)} to be exposed as
     * a Bean. For example:
     *
     * <pre>
     * @Bean(name name="myAuthenticationManager")
     * @Override
     * public AuthenticationManager authenticationManagerBean() throws Exception {
     *     return super.authenticationManagerBean();
     * }
     * </pre>
     *
     * @return the {@link AuthenticationManager}
     * @throws Exception
     */
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return new AuthenticationManagerDelegator(authenticationBuilder);
    }

Update 3

How about accessing the existing AuthenticationManager through a custom WebSecurityConfigurerAdapter and configuring the SAMLWebSSOHoKProcessingFilter there?

    @Configuration
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        // authenticationManager() is declared with "throws Exception" in the adapter
        @Bean
        public SAMLWebSSOHoKProcessingFilter samlFilter() throws Exception {
            SAMLWebSSOHoKProcessingFilter samlFilter = new SAMLWebSSOHoKProcessingFilter();
            samlFilter.setAuthenticationManager(authenticationManager());
            // .......
            return samlFilter;
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.addFilter(samlFilter());
        }
    }

Answer 1 (score: 0)

This worked for me:

    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            ...
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            ...
        }

        @Bean
        @Override
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }
    }

and

    @Component
    public class UsernamePasswordAuth extends UsernamePasswordAuthenticationFilter {

        @Autowired
        public UsernamePasswordAuth(AuthenticationManager authenticationManager) {
            setAuthenticationManager(authenticationManager);
            setFilterProcessesUrl("/api/services/login");
        }
    }
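
The Java-config counterpart of the XML in the question, combining the approaches from both answers, as an added example that is not part of the original posts. It assumes the samlAuthenticationProvider bean and the other SAML beans the filter depends on are defined elsewhere; the class name SamlSecurityConfig, the handler type behind successRedirectHandler and its "/" target are assumptions, since the page does not define them.

```java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.saml.SAMLAuthenticationProvider;
import org.springframework.security.saml.SAMLWebSSOHoKProcessingFilter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

@Configuration
@EnableWebSecurity
public class SamlSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    @Qualifier("samlAuthenticationProvider")
    private SAMLAuthenticationProvider samlAuthenticationProvider;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(samlAuthenticationProvider);
    }

    // Counterpart of <security:authentication-manager alias="authenticationManager">:
    // exposes the manager built by configure(AuthenticationManagerBuilder) under that bean name.
    @Bean(name = "authenticationManager")
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    // Assumption: successRedirectHandler is a saved-request handler; "/" is a placeholder target.
    @Bean
    public SavedRequestAwareAuthenticationSuccessHandler successRedirectHandler() {
        SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
        handler.setDefaultTargetUrl("/");
        return handler;
    }

    // Counterpart of the samlWebSSOHoKProcessingFilter <bean> definition in the question.
    @Bean
    public SAMLWebSSOHoKProcessingFilter samlWebSSOHoKProcessingFilter() throws Exception {
        SAMLWebSSOHoKProcessingFilter filter = new SAMLWebSSOHoKProcessingFilter();
        filter.setAuthenticationManager(authenticationManagerBean());
        filter.setAuthenticationSuccessHandler(successRedirectHandler());
        return filter;
    }
}
```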