相关疑难解决方法(0)

我正在使用Spring Security,我想将另一个站点用作我的身份验证提供程序之一.我在我的网站上有一个基本的表单登录.我希望在我的网站上有一个链接,将用户带到他们将登录的外部站点,然后外部站点将向我发送一个xml响应,其中包含我可以验证的数据以查看是否有成功登录.任何帮助将不胜感激!

1. 您如何将该流程集成到Spring Security中？
2. 一旦我收到回复,我将如何自动登录用户？

使用以下指导的示例:

过滤器(未显示我的数据来自请求的xml):

public class XMLAuthenticationFilter extends AbstractAuthenticationProcessingFilter{

    public XMLAuthenticationFilter() {
        super("/xml_security_check");
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request,
            HttpServletResponse response) throws AuthenticationException,
            IOException, ServletException {

            GrantedAuthority[] grantedAuthorities = new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_USER")};
            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("userid", "pwd", grantedAuthorities);
            request.getSession();
            token.setDetails(new WebAuthenticationDetails(request));
            Authentication authenticatedUser = super.getAuthenticationManager().authenticate(token);
            SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
            request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
            return authenticatedUser;

}

}

认证提供者:

public class XMLAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider{
    private UserManager userManager;
    @Override
    protected void additionalAuthenticationChecks(UserDetails user, UsernamePasswordAuthenticationToken token) throws AuthenticationException {

    }

    @Override
    protected …