我们的应用程序中有一个典型的要求.
我们有两个Spring Security配置:1.CAS Server 2. LDAP(NTLM)
因此,现在我们需要检查CAS服务器是否可用,并根据CAS服务器可用性使用CAS或LDAP安全配置.
我试图动态更改Entrypoint网址,但是,两个配置文件都使用不同的bean /类.
有没有其他方法来实现这一目标?
请告诉我如何实现这一目标以及如何实现这一目标?
提前致谢.
拉吉
您可以创建DelegatingAuthenticationEntryPoint,如果CAS服务器已启动或委派给LoginUrlAuthenticationEntryPoint,它将委派给标准CasAuthenticationEntryPoint.实现看起来如下所示
public class DelegatingAuthenticationEntryPoint implements AuthenticationEntryPoint {
private AuthenticationEntryPoint casAuthenticationEntryPoint;
private AuthenticationEntryPoint ldapAuthenticationEntryPoint;
public DelegatingAuthenticationEntryPoint(AuthenticationEntryPoint casAuthenticationEntryPoint,
AuthenticationEntryPoint ldapAuthenticationEntryPoint) {
this.casAuthenticationEntryPoint = casAuthenticationEntryPoint;
this.ldapAuthenticationEntryPoint = ldapAuthenticationEntryPoint;
}
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
if(casServerAvailable()) {
casAuthenticationEntryPoint.commence(request, response, authException);
} else {
ldapAuthenticationEntryPoint.commence(request, response, authException);
}
}
private boolean casServerAvailable() {
// TODO implement this method
return false;
}
}
然后,您将使用类似于以下内容的entry-point-ref属性连接DelegatingAuthenticationEntryPoint:
<sec:http entry-point-ref="delegateEntryPoint">
...
</sec:http>
<bean id="delegateEntryPoint" class="sample.DelegatingAuthenticationEntryPoint">
<constructor-arg>
<bean class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"
p:serviceProperties-ref="serviceProperties"
p:loginUrl="https://example.com/cas/login" />
</constructor-arg>
<constructor-arg>
<bean class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
p:loginFormUrl="/login"/>
</constructor-arg>
</bean>
| 归档时间: |
|
| 查看次数: |
2922 次 |
| 最近记录: |