我使用spring security进行身份验证登录。 我想在名称和密码中传递动态值,但我不想使用服务层,因为我在控制器中使用Web服务调用。
这是我的代码:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<global-method-security pre-post-annotations="enabled" />
<http pattern="/auth/logout.html" security="none"/>
<http pattern="/css/**" security="none" />
<http pattern="/js/**" security="none" />
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/login" access="permitAll" />
<intercept-url pattern="/logout" access="permitAll" />
<intercept-url pattern="/accessdenied" access="permitAll" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<form-login login-page="/login" default-target-url="/suburb_analyser" authentication-failure-url="/accessdenied" />
<logout logout-success-url="/logout" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user name="j@hotsal.com.au" password="mor55eover" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
答案 0 :(得分:0)
如果要在名称和密码中传递动态值。您需要声明一个实现UserDetailsService接口的bean。然后将xml修改为:
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="yourServiceBeanName">
</authentication-provider>
</authentication-manager>
您可以使用JDBC,文件系统或内存在您的服务中动态生成您的名称和密码。