無法集成Spring Security和Web邏輯7

Question

請查看我的以下配置，以將Spring Security v3.2.5與WebLogic Server v7集成。

我試圖找到幾個地方找出如何整合，但沒有運氣。

運行我的下方配置應用程序，我得到「找到org.springframework.security.authentication.UsernamePasswordAuthenticationToken沒有的AuthenticationProvider」。

如果我們來看一下配置已經提到「preAuthenticatedAuthenticationProvider」作爲身份驗證提供認證管理器，用於preAuthenticatedAuthenticationProvider也提到「preAuthenticatedUserDetailsS​​ervice」。

任何人都可以幫助我解決這個問題。

<beans:beans xmlns="http://www.springframework.org/schema/security" 
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation="http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans.xsd 
     http://www.springframework.org/schema/security 
     http://www.springframework.org/schema/security/spring-security.xsd"> 


<!-- web sphere configuration start --> 

<http auto-config="false" use-expressions="true"> 
    <intercept-url pattern="/welcome*" access="permitAll" /> 
    <form-login login-page="/login" default-target-url="/welcome" 
     authentication-failure-url="/loginfailed" /> 
    <custom-filter before="PRE_AUTH_FILTER" ref="webspherePreAuthFilter" /> 
    <logout logout-success-url="/logout" delete-cookies="JSESSIONID" /> 
    <session-management invalid-session-url="/logout"> 
     <concurrency-control max-sessions="1" 
      error-if-maximum-exceeded="true" expired-url="/sessionexpired" /> 
    </session-management> 
</http> 

<beans:bean id="filterChainProxy" 
    class="org.springframework.security.web.FilterChainProxy"> 
    <filter-chain-map path-type="ant"> 
     <!-- <filter-chain pattern="/**" 
      filters="sif,webspherePreAuthFilter,logoutFilter,etf,fsi" /> --> 
     <filter-chain pattern="/welcome*" 
      filters="webspherePreAuthFilter,logoutFilter,etf,fsi" /> 
    </filter-chain-map> 
</beans:bean> 

<authentication-manager alias="authenticationManager"> 
    <authentication-provider ref="preAuthenticatedAuthenticationProvider" /> 
</authentication-manager> 

<beans:bean id="preAuthenticatedAuthenticationProvider" 
    class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> 
    <beans:property name="preAuthenticatedUserDetailsService" 
     ref="preAuthenticatedUserDetailsService" /> 
</beans:bean> 


<beans:bean id="preAuthenticatedUserDetailsService" 
    class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService" /> 

<!-- This AbstractPreAuthenticatedProcessingFilter implementation is based 
    on WebSphere authentication. It will use the WebSphere RunAs user principal 
    name as the pre-authenticated principal. --> 


<beans:bean id="webspherePreAuthFilter" 
    class="org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter"> 
    <beans:property name="authenticationManager" ref="authenticationManager" /> 
    <beans:property name="authenticationDetailsSource" ref="authenticationDetailsSource" /> 
</beans:bean> 


<beans:bean id="authenticationDetailsSource" 
    class="org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource"> 
    <beans:property name="webSphereGroups2GrantedAuthoritiesMapper" 
     ref="websphereUserGroups2GrantedAuthoritiesMapper" /> 
</beans:bean> 

<beans:bean id="websphereUserGroups2GrantedAuthoritiesMapper" 
    class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper"> 
    <beans:property name="convertAttributeToUpperCase" 
     value="true" /> 
</beans:bean> 

<beans:bean id="preAuthenticatedProcessingFilterEntryPoint" 
    class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" /> 

<beans:bean id="logoutFilter" 
    class="org.springframework.security.web.authentication.logout.LogoutFilter"> 
    <beans:constructor-arg value="/" /> 
    <beans:constructor-arg> 
     <beans:list> 
      <beans:bean 
       class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" /> 
     </beans:list> 
    </beans:constructor-arg> 
</beans:bean> 

<beans:bean id="etf" 
    class="org.springframework.security.web.access.ExceptionTranslationFilter"> 
    <beans:property name="authenticationEntryPoint" 
     ref="preAuthenticatedProcessingFilterEntryPoint" /> 
</beans:bean> 

<beans:bean id="fsi" 
    class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> 
    <beans:property name="authenticationManager" ref="authenticationManager" /> 
    <beans:property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" /> 
    <beans:property name="securityMetadataSource"> 
     <filter-security-metadata-source> 
      <intercept-url pattern="/welcome*" access="ROLE_LDP_ADMINS" /> 
     </filter-security-metadata-source> 
    </beans:property> 
</beans:bean> 

<beans:bean id="httpRequestAccessDecisionManager" 
    class="org.springframework.security.access.vote.AffirmativeBased"> 
    <beans:property name="allowIfAllAbstainDecisions" 
     value="false" /> 
    <beans:property name="decisionVoters"> 
     <beans:list> 
      <beans:ref bean="roleVoter" /> 
     </beans:list> 
    </beans:property> 
</beans:bean> 

<beans:bean id="roleVoter" 
    class="org.springframework.security.access.vote.RoleVoter" /> 


<!-- web sphere configuration ends --> 

Answer 1

已包含在你的配置form-login，這將創建UsernamePasswordAuthenticationToken，並將其提交給身份驗證管理。但是，後者只有一個PreAuthenticatedAuthenticationProvider，它不能處理這種類型的認證，因此是錯誤。

您需要添加一個可以處理用戶名/密碼認證的AuthenticationProvider。

另外，您似乎混合了命名空間配置和顯式bean配置。您應該選擇一個或另一個 - 這使得很難確定您發佈的示例中實際使用的是什麼。