我在两个不同的项目中有两个配置文件 第一个:
@Configuration
@Order(2)
public class SecurityConfig {
/**адрес сервера LDAP*/
@Value("${ldap.server}")
private String ldapServer;
/**номер порта LDAP сервера*/
@Value("${ldap.port}")
private int ldapPort;
/**домен для LDAP*/
@Value("${ldap.suffix}")
private String suffix;
@Autowired
private HttpSecurity httpSecurity;
@PostConstruct
public void init() throws Exception {
httpSecurity
.httpBasic()
.and()
.authorizeRequests().antMatchers("/**").authenticated()
.and()
.authenticationProvider(adAuthProvider())
.csrf().disable();
}
/**провайдер для аутентификации через LDAP*/
@Bean
public ActiveDirectoryLdapAuthenticationProvider adAuthProvider() {
String ldapUrl = String.format("ldap://%s:%s", ldapServer, ldapPort);
ActiveDirectoryLdapAuthenticationProvider adAuthProvider = new ActiveDirectoryLdapAuthenticationProvider(suffix, ldapUrl);
adAuthProvider.setConvertSubErrorCodesToExceptions(true);
adAuthProvider.setUseAuthenticationRequestCredentials(true);
return adAuthProvider;
}
}
第二个:
@Configuration
@Order(3)
public class ECommonConfig extends WebSecurityConfigurerAdapter{
@Autowired
private HttpSecurity httpSecurity;
@Autowired
private UserDetailsService userDetailsService;
@Bean(name = "requestAuthorization")
public RequestAuthorization requestAuthorization() {
return new RequestAuthorization();
}
/**провайдер для аутентификации через базу данных*/
@Bean
public DaoAuthenticationProvider jdbcAuthProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(passwordEncoder());
return authProvider;
}
/**бин для шифрования паролей*/
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
/**бин для фильтра проверки наличия LDAP-пользователя в базе данных*/
@Bean
public LDAPAuthenticationFilter ldapAuthenticationFilter() throws Exception {
return new LDAPAuthenticationFilter(authenticationManager());
}
@PostConstruct
public void init() throws Exception {
httpSecurity.httpBasic()
.and()
.authorizeRequests().antMatchers("/**").authenticated()
.and()
.authenticationProvider(jdbcAuthProvider())
.csrf().disable();
httpSecurity.addFilterAt(ldapAuthenticationFilter(), LDAPAuthenticationFilter.class);
httpSecurity.authorizeRequests().antMatchers("/**").access("@requestAuthorization.checkRequestPermissions(authentication, request)");
}
}
在主项目中还有MainConfig
@Configuration
@EnableWebSecurity
@Order(value = Ordered.HIGHEST_PRECEDENCE)
public class MainConfig extends WebSecurityConfigurerAdapter{
@Bean(name = "httpSecurity")
public HttpSecurity httpSecurity() throws Exception {
return getHttp();
}
}
仅适用于身份验证。筛选器和.access无法正常工作。无错误显示。我用过调试-过滤器和@requestAuthorization bean甚至没有用过
这两个配置类放置在不同的项目中,并且需要两个一起工作(如果包括两个项目)或其中一个(如果包括这些项目之一)。
如何使这两个配置类协同工作?