我正在使用Spring Security和基于Java的@Configuration构建应用程序。我们的JBoss EAP 6服务器配置了一个 security-domain ,它在jboss-web.xml-File中定义。
的JBoss-web.xml中
<!DOCTYPE jboss-web PUBLIC
"-//JBoss//DTD Web Application 4.2//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_4_2.dtd">
<jboss-web>
<security-domain>ldapcomponent</security-domain>
</jboss-web>
有没有办法在我的Spring Security WebSecurityConfigurerAdapter中使用此 security-domain ?
Spring Security Java配置
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.?????
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated()
.anyRequest().hasRole("my-required-role").and().httpBasic();
}
}
答案 0 :(得分:0)
JBoss身份验证需要
org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
可以通过方法添加:
auth.authenticationProvider(...);
除此之外
org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter
应该注册。