我试图创建一个Delegating身份验证提供程序来执行逻辑,然后再基于任意逻辑决定选择哪个authenticationProvider;就本例而言,如果用户名以前缀开头。
我当前的SecurityConfig,它将一次尝试一个身份验证提供程序:
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final MyCustomCredentialAuthProvider myAuthProvider;
...
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth
.ldapAuthentication().configuration(...).here(...).etc(...).and() // ldapAuthenticationProvider is created here
.authenticationProvider(myAuthProvider).and()
// more authentication providers to be added in the future
}
}
根据用户名,我想选择是否要使用try提供程序,因此,如果用户名不是以特定前缀(“ ldap”,“ custom”, “ ad”,“ etc” ...),所以:
@Component
public class DelegatingProvider implements AuthenticationProvider {
// Problem: How do I create this ldapAuthenticationProvider bean?
private final LdapAuthenticationProvider ldapAuthenticationProvider;
private final MyCustomCredentialAuthProvider myAuthProvider;
...
@Override
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
if (authentication.getName() == null) {
throw new BadCredentialsException("No username provided");
} else if (authentication.getName().startsWith("ldapPlease") }
return ldapAuthProvider.authenticate(authentication);
// } else if (...) { ...
// } else if (...) { ...
} else {
return myAuthProvider.authenticate(authentication);
}
}
@Override
public boolean supports(final Class<?> authentication) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);;
}
}
当由SecurityConfig创建LdapProvider时,我似乎无法以这种方式进行接线-当以前由AuthBuilder在SecurityConfig中处理过的LdapProvider bean时,如何创建并接线呢?
答案 0 :(得分:0)
@Bean
public LdapAuthenticationProvider ldapAuthentication() {
return new LdapAuthenticationProviderConfigurer().configure(...).here(...).etc(...).build();
}
.....................................
@Component
public class DelegatingProvider implements AuthenticationProvider {
@Autowired
private LdapAuthenticationProvider ldapAuthenticationProvider;
@Autowired
private final MyCustomCredentialAuthProvider myAuthProvider;
...
@Override
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
if (authentication.getName() == null) {
throw new BadCredentialsException("No username provided");
} else if (authentication.getName().startsWith("ldapPlease") }
return ldapAuthProvider.authenticate(authentication);
// } else if (...) { ...
// } else if (...) { ...
} else {
return myAuthProvider.authenticate(authentication);
}
}
@Override
public boolean supports(final Class<?> authentication) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);;
}
}
并按照@NatFar指定
@Autowired
private DelegatingProvider delegatingProviderBean;
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth
.authenticationProvider(delegatingProviderBean).and()
// more authentication providers to be added in the future
}