Configuring multiple AuthenticationManagers in Spring Security

Based on spring-security4.2.x and security-oauth2.3.x

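When configuring OAuth 2.0 with Spring Security, you need several AuthenticationManagers to handle authentication coming from different directions: for example, one clientAuthenticationManager that authenticates client_id and client_secret, and a second authenticationManager that authenticates username and password.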

Incorrect configuration:

<!-- authenticationManager for username and password -->
<!-- Do not use alias here!! -->
<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider>
        <security:user-service id="userDetailsService">
            <security:user name="admin" password="111111" authorities="ROLE_USER" />
            <security:user name="user" password="111111" authorities="ROLE_USER" />
        </security:user-service>
    </security:authentication-provider>
</security:authentication-manager>

<!-- Client access authenticator -->
<!-- authenticationManager for client_id and client_secret -->
<security:authentication-manager id="clientAuthenticationManager">
    <security:authentication-provider user-service-ref="clientDetailsUserDetailsService"/>
</security:authentication-manager>

With this configuration, authentication fails: every request is authenticated by clientAuthenticationManager. This is because the clientAuthenticationManager named with id overrides the authenticationManager named with alias, as testing confirmed.

Solution

1. Name every <security:authentication-manager> element with id to specify the authenticationManager's name, which creates two distinct instances:

<security:authentication-manager id="authenticationManager" erase-credentials="true">
    <security:authentication-provider>
        <security:user-service id="userDetailsService">
            <security:user name="admin" password="111111" authorities="ROLE_USER" />
            <security:user name="user" password="111111" authorities="ROLE_USER" />
        </security:user-service>

    </security:authentication-provider>
</security:authentication-manager>

<!-- authenticationManager for client_id and client_secret -->
<security:authentication-manager id="clientAuthenticationManager">
    <security:authentication-provider user-service-ref="clientDetailsUserDetailsService"/>
</security:authentication-manager>

2. Create it as a bean:

<!-- authenticationManager for username and password -->
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
    <constructor-arg>
        <list>
            <bean class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
                <property name="userDetailsService" ref="userDetailsManager"/>
            </bean>
        </list>
    </constructor-arg>
</bean>
<security:user-service id="userDetailsManager">
    <security:user name="admin" password="111111" authorities="ROLE_USER" />
    <security:user name="user" password="111111" authorities="ROLE_USER" />
</security:user-service>


<!-- authenticationManager for client_id and client_secret -->
<security:authentication-manager id="clientAuthenticationManager">
    <security:authentication-provider user-service-ref="clientDetailsUserDetailsService"/>
</security:authentication-manager>
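
A small check for the misconfiguration described above, as an added example that is not part of the original post: it scans a Spring XML file for AuthenticationManager declarations and flags any that are named by alias only when more than one manager is declared. It goes slightly beyond the text by also recognising ProviderManager beans (solution 2) and flagging duplicate names; the function names find_managers and lint are hypothetical, and the sample input is constructed from the snippets on this page.

```python
import xml.etree.ElementTree as ET

SEC = "{http://www.springframework.org/schema/security}"
BEANS = "{http://www.springframework.org/schema/beans}"
PROVIDER_MANAGER = "org.springframework.security.authentication.ProviderManager"

def find_managers(xml_text):
    """List (id, alias) of each top-level AuthenticationManager declaration."""
    root = ET.fromstring(xml_text)
    found = [(el.get("id"), el.get("alias"))
             for el in root.findall(SEC + "authentication-manager")]
    # Solution 2 on this page declares the manager as a plain ProviderManager bean.
    found += [(el.get("id"), None) for el in root.findall(BEANS + "bean")
              if el.get("class") == PROVIDER_MANAGER]
    return found

def lint(xml_text):
    """Flag the pattern the page reports as failing, plus duplicate names."""
    managers = find_managers(xml_text)
    findings, seen = [], set()
    if len(managers) < 2:
        return findings  # a single manager cannot be confused with another
    for mid, alias in managers:
        name = mid or alias
        if not mid:
            findings.append(f"manager {name!r} is named by alias only; give it an id")
        if name in seen:
            findings.append(f"manager name {name!r} is declared more than once")
        seen.add(name)
    return findings

# Constructed sample input: the page's two configurations, reduced to the manager
# declarations and wrapped in a <beans> root that declares the namespaces.
WRAP = ('<beans xmlns="http://www.springframework.org/schema/beans" '
        'xmlns:security="http://www.springframework.org/schema/security">%s</beans>')
CLIENT = ('<security:authentication-manager id="clientAuthenticationManager">'
          '<security:authentication-provider user-service-ref="clientDetailsUserDetailsService"/>'
          '</security:authentication-manager>')
WRONG = WRAP % ('<security:authentication-manager alias="authenticationManager"/>' + CLIENT)
FIXED = WRAP % ('<security:authentication-manager id="authenticationManager"/>' + CLIENT)

if __name__ == "__main__":
    for label, cfg in (("wrong", WRONG), ("fixed", FIXED)):
        print(label, lint(cfg) or "ok")
```
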


Reposted from blog.csdn.net/qq_32352565/article/details/83855990