我正在尝试将ACL功能添加到我的服务器.我已经使用java文件配置了spring security,并希望以相同的方式添加ACL.我该怎么办?我发现的所有教程都使用了XML文件.
SecurityInit:
@Order(1)
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
}
SecurityConfig
@EnableWebMvcSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
@Component
@ComponentScan(basePackages = {"test.package"})
public class SecurityConfig extends
WebSecurityConfigurerAdapter {
...
@Autowired
protected void registerAuthentication(UserDetailsService userDetailsService, AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
// http://stackoverflow.com/a/21100458/162345
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.headers().disable()
.addFilterBefore(...)
.addFilterBefore(...)
// TODO: create a better way to differentiate login to signup
.exceptionHandling()
.authenticationEntryPoint(noRedirectForAnonymous)
.and()
.formLogin()
.successHandler(restAuthenticationSuccessHandler)
.failureHandler(restAuthenticationFailureHandler)
.and()
.logout()
.logoutSuccessHandler(noRedirectLogoutSuccessHandler)
.and()
.authorizeRequests()
.antMatchers("/api/keywords/**").permitAll()
.antMatchers("/api/**").authenticated();
}
}
我在Spring Boot应用程序中通过Java配置设置ACL时遇到问题.我创建了一个小项目来重现问题.
我尝试过几种不同的方法.我遇到的第一个问题是EhCache,在我修复之后(我假设我做了)我再也无法登录了,看起来所有的数据都消失了.
有4个类具有不同的配置:
ACLConfig1.class
ACLConfig2.class
ACLConfig3.class
ACLConfig4.class
所有@PreAuthorize和@PostAuthorize注释都按预期工作,除了hasPermission.
控制器拥有4个端点:一个用于用户,一个用于管理员,一个用于公共端,最后一个用于让我头痛 @PostAuthorize("hasPermission(returnObject,'administration')")
我很确定DB中的插入是正确的.这个类是四个中的一个,也是我尝试过的最后一个类:
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class ACLConfig4 {
@Autowired
DataSource dataSource;
@Bean
public EhCacheBasedAclCache aclCache() {
return new EhCacheBasedAclCache(aclEhCacheFactoryBean().getObject(), permissionGrantingStrategy(), aclAuthorizationStrategy());
}
@Bean
public EhCacheFactoryBean aclEhCacheFactoryBean() {
EhCacheFactoryBean ehCacheFactoryBean = new EhCacheFactoryBean();
ehCacheFactoryBean.setCacheManager(aclCacheManager().getObject());
ehCacheFactoryBean.setCacheName("aclCache");
return ehCacheFactoryBean;
}
@Bean
public EhCacheManagerFactoryBean aclCacheManager() {
return new EhCacheManagerFactoryBean();
}
@Bean
public DefaultPermissionGrantingStrategy permissionGrantingStrategy() {
ConsoleAuditLogger consoleAuditLogger = new ConsoleAuditLogger();
return new DefaultPermissionGrantingStrategy(consoleAuditLogger); …