AuthenticationProvider 函数在将 spring security 2 迁移到 spring security 4 后不调用。
我正在使用自定义提供程序和 ldap 身份验证,我的所有配置都可以,但是当我尝试连接时,我的 AccessDecisionVoter.vote 中有一个 anonymousUser
请在此处查看描述代码:
public class RoleVoter implements AccessDecisionVoter<Object> {
@SuppressWarnings("unchecked")
public boolean supports(Class clazz) {
return true;
}
/**
* @see AccessDecisionVoter#supports(ConfigAttribute)
*/
public boolean supports(ConfigAttribute configAttribute) {
if (getAttributeValue(configAttribute) != null) {
try {
//Integer.parseInt(configAttribute.getAttribute());
return true;
} catch (Exception e) {
return false;
}
}
return false;
}
public String getAttributeValue(ConfigAttribute attribute){
if (attribute instanceof ConfigAttribute) {
return attribute.toString();
}
return attribute.getAttribute();
}
public int vote(Authentication authentication, Object object,
Collection<ConfigAttribute> configAttributeDefinition) {
return result;
}
}
@Component
public class MyAuthenticationProvider implements AuthenticationProvider {
private static final Logger LOG = Logger
.getLogger(MyAuthenticationProvider.class);
protected MessageSourceAccessor messages = SpringSecurityMessageSource
.getAccessor();
private LdapAuthenticator authenticator;
private UserDetailsService userDetailsService;
private boolean useAuthenticationRequestCredentials = true;
public MyAuthenticationProvider(LdapAuthenticator authenticator,
UserDetailsService userDetailsService) {
setAuthenticator(authenticator);
setUserDetailsService(userDetailsService);
}
public MyAuthenticationProvider() {
}
//—> not called????
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class,authentication,messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.onlySupports",
"Only UsernamePasswordAuthenticationToken is supported"));
UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken) authentication;
//my authentication
return return new UsernamePasswordAuthenticationToken(user, password, user
.getAuthorities());
}
private LdapAuthenticator getAuthenticator() {
return authenticator;
}
protected UserDetailsService getUserDetailsService() {
return userDetailsService;
}
private void setAuthenticator(LdapAuthenticator authenticator) {
Assert.notNull(authenticator, "An LdapAuthenticator must be supplied");
this.authenticator = authenticator;
}
private void setUserDetailsService(UserDetailsService userDetailsService) {
Assert.notNull(userDetailsService,
"An UserDetailsService must be supplied");
this.userDetailsService = userDetailsService;
}
@SuppressWarnings("unchecked")
@Override
public boolean supports(Class authentication) {
return UsernamePasswordAuthenticationToken.class
.isAssignableFrom(authentication);
}
}
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<!-- Security configuration -->
<security:http pattern="/struts/**" security="none" />
<security:http pattern="/resources/**" security="none" />
<security:http pattern="/dojo/**" security="none" />
<security:http pattern="/index.jsp" security="none" />
<security:http pattern="/pages/authentication/auth.jsp*"
security="none" />
<security:http pattern="/authentication/authErr.action*"
security="none" />
<security:http pattern="/authentication/auth.action*"
security="none" />
<security:http pattern="/authentication/logout.action*"
security="none" />
<security:http pattern="/resources/firefox/*" security="none" />
<!-- ************************************************************************** -->
<security:http disable-url-rewriting="false" auto-config="true" use-expressions="false" access-decision-manager-ref="myAccessDecisionManager">
<security:access-denied-handler error-page="/pages/authentication/denied.jsp"/>
<security:csrf disabled="true"/>
<security:headers disabled="true"/>
<security:intercept-url pattern="/struts/**" />
<security:intercept-url pattern="/resources/**" />
<security:intercept-url pattern="/dojo/**" />
<security:intercept-url pattern="/index.jsp" />
<security:intercept-url
pattern="/pages/authentication/auth.jsp*" />
<security:intercept-url
pattern="/authentication/authErr.action*" />
<security:intercept-url
pattern="/authentication/auth.action*" />
<security:intercept-url pattern="/authentication/logout.action*" />
<security:intercept-url pattern="/resources/firefox/*" />
<security:intercept-url pattern="/**" access="hasRole('1')" /><!-- OR access=1 -->
<security:form-login
login-page="/authentication/auth.action"
always-use-default-target="false"
default-target-url="/home/home.action"
authentication-failure-url="/authentication/authErr.action" />
<security:anonymous granted-authority="99" />
<security:session-management>
<security:concurrency-control error-if-maximum-exceeded="true" max-sessions="1"/>
</security:session-management>
</security:http>
<!-- LDAP configuration -->
<bean id="dbLdapManager"
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass"
value="local.framework.ldap-java5.DBLdapManager" />
<property name="targetMethod" value="setDbLdapParameters" />
<property name="arguments">
<list>
<bean id="dbLdapParameters"
class="local.framework.ldap-java5.DBLdapParameters">
<property name="application" value="refpat" />
<property name="dbLdapDriver"
value="com.sun.jndi.ldap.LdapCtxFactory" />
<property name="dbLdapURL"
value="${ldap-host}" />
</bean>
</list>
</property>
</bean>
<bean id="contextSource"
class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<constructor-arg value="${ldap-host}" />
<property name="userDn" value="cn=manager,dc=springframework,dc=org"/>
<property name="pooled" value="true" />
</bean>
<bean id="ldapAuthProvider"
class="mypackage.security.provider.MyAuthenticationProvider">
<!-- <security:custom-authentication-provider /> -->
<constructor-arg>
<bean
class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource" />
<property name="userDnPatterns">
<list>
<value>${ldap-dn-pattern}</value>
</list>
</property>
</bean>
</constructor-arg>
<constructor-arg ref="userService" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="ldapAuthProvider"/>
</security:authentication-manager>
<bean id="userService"
class="mypackage.security.MyUserDetails">
<property name="serviceLookups" ref="serviceLookups" />
</bean>
<bean id="myAccessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased"><!-- old:org.springframework.security.vote.UnanimousBased -->
<constructor-arg>
<list>
<bean class="mypackage.security.vote.RoleVoter"/>
<!-- other voter …—>
</list>
</constructor-arg>
</bean>
<bean id="loggerListener"
class="org.springframework.security.access.event.LoggerListener" />
</beans>
任何解决方案/想法来解决我的问题?非常感谢