我在spring/spring-mvc中有一个完全使用JSON通信的应用程序.现在我需要通过JSON使用spring security 3(使用LdapAuthenticationProvider)对我的应用程序进行身份验证.
默认的spring seurity提交表单需要这样的POST:
POST /myapp/j_spring_security_check HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 32
Host: 127.0.0.1:8080
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
j_username=myUsername&j_password=myPass
但我想传递一个像这样的JSON对象:
{"j_username":"myUsername","j_password":"myPass"}
我看了很多帖子喜欢这样,这样其他的或这一个没有运气,在所有的Ajax的情况下完成一个POST像上面.
有任何想法吗?
我正在rest与一起写服务json。对于后端,我使用Spring Security。我有形式巫婆发送与ajax其余对象,如下所示:
{email: "admin", password: "secret"}
现在在服务器上,我的配置如下:
@Configuration
@EnableWebSecurity
@ComponentScan("pl.korbeldaniel.cms.server")
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private RestAuthenticationEntryPoint restAuthenticationEntryPoint;
@Autowired
private RestAuthenticationSuccessHandler authenticationSuccessHandler;
@Autowired
private RestAuthenticationFailureHandler authenticationFailureHandler;
@Bean
JsonAuthenticationFilter jsonAuthenticationFilter() throws Exception {
JsonAuthenticationFilter filter = new JsonAuthenticationFilter();
filter.setAuthenticationManager(authenticationManagerBean());
System.out.println("jsonAuthenticationFilter");
return filter;
}
@Bean
public RestAuthenticationSuccessHandler mySuccessHandler() {
return new RestAuthenticationSuccessHandler();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("admin").password("secret").roles("ADMIN");
// auth.jdbcAuthentication().
}
@Override
protected void configure(HttpSecurity http) throws Exception { …