請查看我的以下配置,以將Spring Security v3.2.5與WebLogic Server v7集成。無法集成Spring Security和Web邏輯7
我試圖找到幾個地方找出如何整合,但沒有運氣。
運行我的下方配置應用程序,我得到「找到org.springframework.security.authentication.UsernamePasswordAuthenticationToken沒有的AuthenticationProvider」。
如果我們來看一下配置已經提到「preAuthenticatedAuthenticationProvider」作爲身份驗證提供認證管理器,用於preAuthenticatedAuthenticationProvider也提到「preAuthenticatedUserDetailsService」。
任何人都可以幫助我解決這個問題。
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- web sphere configuration start -->
<http auto-config="false" use-expressions="true">
<intercept-url pattern="/welcome*" access="permitAll" />
<form-login login-page="/login" default-target-url="/welcome"
authentication-failure-url="/loginfailed" />
<custom-filter before="PRE_AUTH_FILTER" ref="webspherePreAuthFilter" />
<logout logout-success-url="/logout" delete-cookies="JSESSIONID" />
<session-management invalid-session-url="/logout">
<concurrency-control max-sessions="1"
error-if-maximum-exceeded="true" expired-url="/sessionexpired" />
</session-management>
</http>
<beans:bean id="filterChainProxy"
class="org.springframework.security.web.FilterChainProxy">
<filter-chain-map path-type="ant">
<!-- <filter-chain pattern="/**"
filters="sif,webspherePreAuthFilter,logoutFilter,etf,fsi" /> -->
<filter-chain pattern="/welcome*"
filters="webspherePreAuthFilter,logoutFilter,etf,fsi" />
</filter-chain-map>
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="preAuthenticatedAuthenticationProvider" />
</authentication-manager>
<beans:bean id="preAuthenticatedAuthenticationProvider"
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
<beans:property name="preAuthenticatedUserDetailsService"
ref="preAuthenticatedUserDetailsService" />
</beans:bean>
<beans:bean id="preAuthenticatedUserDetailsService"
class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService" />
<!-- This AbstractPreAuthenticatedProcessingFilter implementation is based
on WebSphere authentication. It will use the WebSphere RunAs user principal
name as the pre-authenticated principal. -->
<beans:bean id="webspherePreAuthFilter"
class="org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedProcessingFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="authenticationDetailsSource" ref="authenticationDetailsSource" />
</beans:bean>
<beans:bean id="authenticationDetailsSource"
class="org.springframework.security.web.authentication.preauth.websphere.WebSpherePreAuthenticatedWebAuthenticationDetailsSource">
<beans:property name="webSphereGroups2GrantedAuthoritiesMapper"
ref="websphereUserGroups2GrantedAuthoritiesMapper" />
</beans:bean>
<beans:bean id="websphereUserGroups2GrantedAuthoritiesMapper"
class="org.springframework.security.core.authority.mapping.SimpleAttributes2GrantedAuthoritiesMapper">
<beans:property name="convertAttributeToUpperCase"
value="true" />
</beans:bean>
<beans:bean id="preAuthenticatedProcessingFilterEntryPoint"
class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<beans:bean id="logoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<beans:constructor-arg value="/" />
<beans:constructor-arg>
<beans:list>
<beans:bean
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
</beans:list>
</beans:constructor-arg>
</beans:bean>
<beans:bean id="etf"
class="org.springframework.security.web.access.ExceptionTranslationFilter">
<beans:property name="authenticationEntryPoint"
ref="preAuthenticatedProcessingFilterEntryPoint" />
</beans:bean>
<beans:bean id="fsi"
class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
<beans:property name="securityMetadataSource">
<filter-security-metadata-source>
<intercept-url pattern="/welcome*" access="ROLE_LDP_ADMINS" />
</filter-security-metadata-source>
</beans:property>
</beans:bean>
<beans:bean id="httpRequestAccessDecisionManager"
class="org.springframework.security.access.vote.AffirmativeBased">
<beans:property name="allowIfAllAbstainDecisions"
value="false" />
<beans:property name="decisionVoters">
<beans:list>
<beans:ref bean="roleVoter" />
</beans:list>
</beans:property>
</beans:bean>
<beans:bean id="roleVoter"
class="org.springframework.security.access.vote.RoleVoter" />
<!-- web sphere configuration ends -->
我試過在發佈之前提到的接近,似乎一切正常,除非我無法解碼密碼。我們刪除了安全部分,並對WebSphere進行了基本身份驗證,然後重定向到應用程序中的其他頁面。我有一些時間來做一些研發,我會很快發佈我的結果。感謝您的投入。 – 2014-12-02 07:05:10