文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
社区首页 >问答首页 >将XML安全配置转换为Java配置

将XML安全配置转换为Java配置
EN

Stack Overflow用户
提问于 2016-06-01 04:52:59
回答 1查看 1.9K关注 0票数 0

我束手无策,试图将以下基于XML的配置转换为基于POJO的配置:

代码语言:javascript
复制
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">

<bean id="auth0EntryPoint" class="com.auth0.spring.security.auth0.Auth0AuthenticationEntryPoint" />

<!-- all urls starting with unsecured are -->
<security:http pattern="${auth0.securedRoute}" create-session="stateless"  entry-point-ref="auth0EntryPoint" use-expressions="false">
    <security:intercept-url pattern="${auth0.securedRoute}" access="ROLE_USER" />
    <security:custom-filter ref="auth0Filter" after="SECURITY_CONTEXT_FILTER" ></security:custom-filter>
    <security:csrf disabled="true"></security:csrf> 
</security:http>

<!-- Otherwise by default everything is secured -->
<security:http auto-config="true" use-expressions="true"  pattern="/**" create-session="stateless"  entry-point-ref="auth0EntryPoint">
    <security:intercept-url pattern="/**" access='permitAll' />
    <security:csrf disabled="true"></security:csrf>
</security:http>

<bean id="auth0Filter" class="com.auth0.spring.security.auth0.Auth0AuthenticationFilter">
    <property name="entryPoint" ref="auth0EntryPoint"></property>
</bean>

<bean id="auth0AuthenticationProvider" class="com.auth0.spring.security.auth0.Auth0AuthenticationProvider">
    <property name="clientSecret" value="${auth0.clientSecret}" ></property>
    <property name="clientId" value="${auth0.clientId}" ></property>
    <property name="securedRoute" value="${auth0.securedRoute}" ></property>
</bean>

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider ref="auth0AuthenticationProvider" />
</security:authentication-manager>

目前,我有这样的东西:

代码语言:javascript
复制
package com.simplymeasured.uam;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

import com.auth0.spring.security.auth0.Auth0AuthenticationEntryPoint;
import com.auth0.spring.security.auth0.Auth0AuthenticationFilter;
import com.auth0.spring.security.auth0.Auth0AuthenticationProvider;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(authenticationProvider());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .httpBasic().authenticationEntryPoint(auth0EntryPoint());
        http
            .csrf().disable()
            .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http
            .addFilter(auth0Filter());
        http
            .authorizeRequests()
            .anyRequest()
            .authenticated();
        System.out.println("CONFIGURE GETTING CALLED");
        super.configure(http);
    }


    public AuthenticationProvider authenticationProvider() {
        Auth0AuthenticationProvider  provider = new Auth0AuthenticationProvider();
        provider.setClientId("<auth0client>");
        provider.setClientSecret("<auth0secret>");
        provider.setSecuredRoute("/v2/**");
        return provider;
    }

    public Auth0AuthenticationFilter auth0Filter() {
        Auth0AuthenticationFilter auth0Filter = new Auth0AuthenticationFilter();
        auth0Filter.setEntryPoint(auth0EntryPoint());
        return auth0Filter;
    }

    public Auth0AuthenticationEntryPoint auth0EntryPoint() {
        Auth0AuthenticationEntryPoint auth0EntryPoint = new Auth0AuthenticationEntryPoint();
        return auth0EntryPoint;
    }


}

但它已经经历了几十次迭代,我只是没有得到它需要的任何东西。目前,我正在处理一个问题,它声称过滤器链已经是一个已定义的bean,因此没有请求通过。任何帮助或提示都将是巨大的,我还没有找到spring-security-4的参考书,所以我只是试图拼凑代码样本。

spring-security
EN

回答 1

Stack Overflow用户

发布于 2016-06-01 05:00:08

我确信,一旦我发布了我的问题:Why isn’t this Spring Security AuthenticationProvider found after being Java configured?,我注定只能获得相关的搜索结果

票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/37555415

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 粤公网安备44030502008569号

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档