2

我们正在将 Struts 1.3 Web 应用程序迁移到 SpringBoot。我们应用程序的一个功能是识别 Windows AD 用户,然后调用自定义 Web 服务进行身份验证、分配角色并自动登录到应用程序。

在 Struts 中,我们使用 Waffle 通过获取Java中request.getRemoteUser()的值来识别 Windows AD 登录用户。

对于 Spring Boot,我们做了以下工作

在 pom.xml 中,我们添加了依赖项

    <dependency>
        <groupId>net.java.dev.jna</groupId>
        <artifactId>jna</artifactId>
        <version>${jna.version}</version>
    </dependency>
    <dependency>
        <groupId>net.java.dev.jna</groupId>
        <artifactId>jna-platform</artifactId>
        <version>${jna.version}</version>
    </dependency>
    <dependency>
        <groupId>com.github.waffle</groupId>
        <artifactId>waffle-spring-security4</artifactId>
        <version>2.2.1</version>
    </dependency>

我们有一个 SecurityConfig.java,我们在其中进行了以下更改。请注意,我们没有使用基于 Spring 的登录。

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private NegotiateSecurityFilter negotiateSecurityFilter;

@Autowired
private NegotiateSecurityFilterEntryPoint entryPoint;

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.addFilterBefore(negotiateSecurityFilter, BasicAuthenticationFilter.class);
    http.httpBasic().disable();
    http.csrf().disable().cors();
    }

@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication();

}
}

我们这里维护了Waffle相关的配置——WaffleConfig.java

@Configuration
public class WaffleConfig {

        @Bean
        public WindowsAuthProviderImpl waffleWindowsAuthProvider() {
            return new WindowsAuthProviderImpl();
        }

        @Bean
        public NegotiateSecurityFilterProvider negotiateSecurityFilterProvider(
                WindowsAuthProviderImpl windowsAuthProvider) {
            return new NegotiateSecurityFilterProvider(windowsAuthProvider);
        }

        @Bean
        public BasicSecurityFilterProvider basicSecurityFilterProvider(WindowsAuthProviderImpl windowsAuthProvider) {
            return new BasicSecurityFilterProvider(windowsAuthProvider);
        }

        @Bean
        public SecurityFilterProviderCollection waffleSecurityFilterProviderCollection(
                NegotiateSecurityFilterProvider negotiateSecurityFilterProvider,
                BasicSecurityFilterProvider basicSecurityFilterProvider) {
            SecurityFilterProvider[] securityFilterProviders = {
                    negotiateSecurityFilterProvider,
                    basicSecurityFilterProvider };
            return new SecurityFilterProviderCollection(securityFilterProviders);
        }

        @Bean
        public NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint(
                SecurityFilterProviderCollection securityFilterProviderCollection) {
            NegotiateSecurityFilterEntryPoint negotiateSecurityFilterEntryPoint = new NegotiateSecurityFilterEntryPoint();
            negotiateSecurityFilterEntryPoint.setProvider(securityFilterProviderCollection);
            return negotiateSecurityFilterEntryPoint;
        }

        @Bean
        public NegotiateSecurityFilter waffleNegotiateSecurityFilter(SecurityFilterProviderCollection securityFilterProviderCollection) {
            NegotiateSecurityFilter negotiateSecurityFilter = new NegotiateSecurityFilter();
            negotiateSecurityFilter.setProvider(securityFilterProviderCollection);
            return negotiateSecurityFilter;
        }

        // This is required for Spring Boot so it does not register the same filter twice
        @Bean
        public FilterRegistrationBean waffleNegotiateSecurityFilterRegistration(NegotiateSecurityFilter waffleNegotiateSecurityFilter) {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean();
            registrationBean.setFilter(waffleNegotiateSecurityFilter);
            registrationBean.setEnabled(false);
            return registrationBean;
        }
    }

但是,当我们尝试获取request.getRemoteUser()的值时,该值为null

对于这样一个看似简单的要求,我们做错了什么?

4

1 回答 1

2

我按照这里的配置解决了这个问题

https://github.com/Waffle/waffle/tree/master/Source/JNA/waffle-demo/waffle-spring-boot-filter2

在 pom.xml 中,我们添加了依赖项

<dependency>
    <groupId>net.java.dev.jna</groupId>
    <artifactId>jna</artifactId>
    <version>${jna.version}</version>
</dependency>
<dependency>
    <groupId>net.java.dev.jna</groupId>
    <artifactId>jna-platform</artifactId>
    <version>${jna.version}</version>
</dependency>
<dependency>
    <groupId>com.github.waffle</groupId>
    <artifactId>waffle-spring-boot-starter</artifactId>
    <version>2.2.1</version>
</dependency>

在 SecurityConfig.java 中进行以下更改

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private NegotiateSecurityFilter filter;
private NegotiateSecurityFilterEntryPoint entryPoint;

/**
 * Autowire constructor injects bean auto-configured by Starter.
 *
 * @param filter
 *            the filter
 * @param entryPoint
 *            the entry point
 */
public SecurityConfig(NegotiateSecurityFilter filter, NegotiateSecurityFilterEntryPoint entryPoint) {
    this.filter = filter;
    this.entryPoint = entryPoint;
}

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().anyRequest().authenticated().and()
    .addFilterBefore(filter, BasicAuthenticationFilter.class).exceptionHandling()
    .authenticationEntryPoint(entryPoint);
}
}
于 2020-04-16T15:11:43.477 回答