0

如何动态生成“intercept-url”。我的用户名和角色存储在数据库中,我想将所有这些用户映射到 Spring Security。有没有办法做到这一点?

4

2 回答 2

0

您必须提供自己的 com.icod.solapCore.spring.security.FilterInvocationSecurityMetadataSource 实现。

这可能看起来像这样:

public class MyFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

      @Override
      public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
        FilterInvocation filterInvocation = (FilterInvocation) object;
        HttpServletRequest request = filterInvocation.getHttpRequest();
        Collection<ConfigAttribute> result = new ArrayList<ConfigAttribute>();
        // Find roles in database that secures the specified request
        // ...
        // For any role found, create a SecurityConfig object prefixed with "ROLE_" ex : 
        // for(String role : roles) {
        //   ConfigAttribute attribute = new SecurityConfig("ROLE_"+roleFound);
        //   result.add(attribute);
        // }

        return result;
      }

      @Override
      public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
      }

      @Override
      public boolean supports(Class<?> clazz) {
        return FilterInvocation.class.isAssignableFrom(clazz);
      }
}

然后你必须用你自己的替换默认的 FilterInvocationSecurityMetadataSource。我用一个 BeanPostProcessor 来做,它在 spring 读取配置文件之后但在配置正式之前调用。看起来像这样:

public class MyFilterInvocationSecurityMetadataSourceBeanPostProcessor implements BeanPostProcessor {

  private FilterInvocationSecurityMetadataSource metadataSource = new MyFilterInvocationSecurityMetadataSource();

  @Override
  public Object postProcessBeforeInitialization(Object bean, String name) throws BeansException {
    if (bean instanceof FilterInvocationSecurityMetadataSource) {
      return metadataSource;
    }
    return bean;
  }

  @Override
  public Object postProcessAfterInitialization(Object bean, String name) throws BeansException {
    return bean;
  }
}

然后你只需要配置 bean 后处理器:

<bean id="solapcoreFilterInvocationSecurityMetadataSourceBeanPostProcessor" class="foo.bar.MyFilterInvocationSecurityMetadataSourceBeanPostProcessor"/>

希望这有帮助。

于 2013-06-03T19:46:48.227 回答
-1

赋予所有用户相同的角色并在 config.xml 中使用该角色进行操作。

你可以在这里阅读 abour 角色

于 2013-05-31T08:48:37.557 回答