如何使多个WebSecurityConfigurerAdapters一起工作?

时间:2019-05-21 05:48:49

标签: spring spring-security

我在两个不同的项目中各有一个配置类。第一个:

 /**
  * Security configuration that plugs Active Directory (LDAP) authentication
  * into an {@link HttpSecurity} instance injected from outside this class.
  *
  * <p>The class does not create the {@code HttpSecurity}; it autowires it and
  * mutates it in {@link #init()} after dependency injection.
  *
  * <p>NOTE(review): this class does not extend WebSecurityConfigurerAdapter, so
  * {@code @Order(2)} presumably does not decide when {@link #init()} runs
  * relative to other configuration classes that touch the same
  * {@code HttpSecurity} - confirm.
  */
 @Configuration
@Order(2)
public class SecurityConfig {

    /** LDAP server address. */
    @Value("${ldap.server}")
    private String ldapServer;

    /** LDAP server port number. */
    @Value("${ldap.port}")
    private int ldapPort;

    /** Domain for LDAP; passed as the first constructor argument of the AD provider. */
    @Value("${ldap.suffix}")
    private String suffix;

    // Shared builder defined elsewhere; every class that injects it edits the same object.
    @Autowired
    private HttpSecurity httpSecurity;

    /**
     * Configures the injected {@code HttpSecurity}: enables HTTP Basic, requires an
     * authenticated user for every path, registers the AD provider and disables
     * CSRF protection.
     *
     * <p>NOTE(review): these calls only take effect if they run before the
     * {@code HttpSecurity} is built into a filter chain; nothing in this class
     * guarantees that ordering - confirm.
     *
     * @throws Exception if the security DSL rejects the configuration
     */
    @PostConstruct
    public void init() throws Exception {
        // NOTE(review): CSRF protection is switched off while HTTP Basic is enabled.
        // Browsers resend Basic credentials automatically, so if browser clients use
        // this application, state-changing requests lose their CSRF defence - confirm
        // that only non-browser clients are expected before keeping csrf().disable().
        httpSecurity
            .httpBasic()
            .and()
            .authorizeRequests().antMatchers("/**").authenticated()
            .and()
            .authenticationProvider(adAuthProvider())     
            .csrf().disable();      
    }

    /**
     * Authentication provider for LDAP (Active Directory).
     *
     * @return provider bound to the configured domain and an {@code ldap://} URL
     */
    @Bean
    public ActiveDirectoryLdapAuthenticationProvider adAuthProvider() {

        // NOTE(review): the URL uses the plain ldap:// scheme. The provider binds to the
        // directory with the user's own password, so without TLS on this connection the
        // password crosses the network unencrypted - prefer ldaps:// (confirm that the
        // directory server offers it).
        String ldapUrl = String.format("ldap://%s:%s", ldapServer, ldapPort);

        ActiveDirectoryLdapAuthenticationProvider adAuthProvider = new ActiveDirectoryLdapAuthenticationProvider(suffix, ldapUrl);
        // Maps AD sub-error codes to specific exceptions instead of one generic failure.
        // NOTE(review): make sure those specific reasons are not echoed to unauthenticated
        // clients, where they would reveal account state.
        adAuthProvider.setConvertSubErrorCodesToExceptions(true);
        // Uses the password submitted in the request as the credentials of the resulting token.
        adAuthProvider.setUseAuthenticationRequestCredentials(true);
        return adAuthProvider;
    }

}

第二个:

    /**
     * Security configuration that adds database-backed authentication, a custom
     * LDAP filter and an expression-based permission check to an injected
     * {@link HttpSecurity}.
     *
     * <p>NOTE(review): the class extends WebSecurityConfigurerAdapter but overrides
     * none of its configure(...) methods here; all rules are applied to the injected
     * {@code httpSecurity} in {@link #init()}. As an adapter it presumably also
     * contributes a filter chain of its own with default settings - confirm.
     */
    @Configuration
@Order(3)
public class ECommonConfig extends WebSecurityConfigurerAdapter{

    // Shared builder defined elsewhere; not the HttpSecurity owned by this adapter.
    @Autowired
    private HttpSecurity httpSecurity;

    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Registers {@code RequestAuthorization} under the bean name that the access
     * expression in {@link #init()} refers to.
     */
    @Bean(name = "requestAuthorization")
    public RequestAuthorization requestAuthorization() {
        return new RequestAuthorization();
    }

    /**
     * Provider for authentication against the database.
     *
     * @return DAO provider using the injected {@code UserDetailsService} and the
     *         BCrypt encoder from {@link #passwordEncoder()}
     */
    @Bean
    public DaoAuthenticationProvider jdbcAuthProvider() {
        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
        authProvider.setUserDetailsService(userDetailsService);
        authProvider.setPasswordEncoder(passwordEncoder());
        return authProvider;
    }

    /**
     * Bean for encoding passwords: BCrypt hashing with the encoder's default strength.
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }


    /**
     * Bean for the filter that checks whether an LDAP user exists in the database.
     *
     * <p>NOTE(review): {@code authenticationManager()} is the manager of this adapter,
     * not necessarily the one behind the injected {@code httpSecurity}; providers
     * registered on the shared object in {@link #init()} may be unknown to it - confirm.
     *
     * @throws Exception if the adapter cannot supply an authentication manager
     */
    @Bean
    public LDAPAuthenticationFilter ldapAuthenticationFilter() throws Exception {
        return new LDAPAuthenticationFilter(authenticationManager());
    }

    /**
     * Applies this module's rules to the injected {@code HttpSecurity}: HTTP Basic,
     * authentication for every path, the database provider, CSRF disabled, the LDAP
     * filter, and a permission check delegated to the {@code requestAuthorization} bean.
     *
     * <p>NOTE(review): these calls only take effect if they run before the shared
     * {@code HttpSecurity} is built into a filter chain - confirm the ordering.
     *
     * @throws Exception if the security DSL rejects the configuration
     */
    @PostConstruct
    public void init() throws Exception {
        // NOTE(review): CSRF protection is disabled together with HTTP Basic; browsers
        // resend Basic credentials automatically, so confirm no browser client relies on this.
        httpSecurity.httpBasic()
            .and()
            .authorizeRequests().antMatchers("/**").authenticated()
            .and()
            .authenticationProvider(jdbcAuthProvider())
            .csrf().disable();
        // NOTE(review): the second argument is the custom filter's own class. addFilterAt
        // needs a filter class whose position in the chain is already known, so this
        // presumably depends on LDAPAuthenticationFilter extending a built-in filter - confirm.
        httpSecurity.addFilterAt(ldapAuthenticationFilter(), LDAPAuthenticationFilter.class);
        // NOTE(review): "/**" already has an authenticated() rule above, and the adapter
        // that created this HttpSecurity may have registered a catch-all rule before either
        // of them. An earlier rule that matches every request would be consulted first and
        // leave this permission check unevaluated, so only authentication would be enforced -
        // confirm, and declare the rule for a path once, in one place.
        httpSecurity.authorizeRequests().antMatchers("/**").access("@requestAuthorization.checkRequestPermissions(authentication, request)");
    }
}

在主项目中还有MainConfig

/**
 * Main web security configuration of the host project. It enables web security at
 * the highest precedence and publishes this adapter's {@link HttpSecurity} as a bean
 * so that configuration classes from other projects can inject and modify it.
 *
 * <p>NOTE(review): no configure(HttpSecurity) override is declared here, so the
 * object returned by {@code getHttp()} presumably already carries the adapter's
 * default rules before other classes add theirs - confirm.
 *
 * <p>NOTE(review): publishing the mutable builder lets any bean in the context change
 * the security rules, and the order in which those changes are applied is not fixed by
 * anything in this class. Review which modules are allowed to alter authorization.
 */
@Configuration
@EnableWebSecurity
@Order(value = Ordered.HIGHEST_PRECEDENCE)
public class MainConfig extends WebSecurityConfigurerAdapter{

    /**
     * Exposes the adapter's {@code HttpSecurity} under the bean name {@code httpSecurity}.
     *
     * @return the object returned by {@code getHttp()}
     * @throws Exception if {@code getHttp()} fails
     */
    @Bean(name = "httpSecurity")
    public HttpSecurity httpSecurity() throws Exception {
        return getHttp();
    }       
}

只有身份验证生效。过滤器和 .access 不起作用,也没有显示任何错误。我调试过——过滤器和 @requestAuthorization bean 根本没有被调用。

这两个配置类放置在不同的项目中,并且需要两个一起工作(如果包括两个项目)或其中一个(如果包括这些项目之一)。

如何使这两个配置类协同工作?

0 个答案:

没有答案