我想讨论提供一种解决方案,以允许在SEC-972的 spring-security-acl中为ObjectIdentity.getIdentifier()提供UUID值。Spring Security贡献准则指向Spring Security论坛,这些论坛现已关闭并且指向Stack Overflow,因此希望我在正确的位置提出要求。
我的解决方案在acl_class表中添加了新列class_id_type,该列可以有选择地允许您为该acl_class指定Java类型。如果将ConversionService连接到BasicLookupStrategy,并且acl_class指定了class_id_type,则ConversionService将用于将标识符转换为正确的类型。这增加了对spring-core的依赖。
acl_class模式如下所示:
create table acl_class(
id bigint generated by default as identity(start with 100) not null primary key,
class varchar_ignorecase(100) not null,
class_id_type varchar_ignorecase(100),
constraint unique_uk_2 unique(class)
);
然后,lookupStrategy的定义如下所示:
<bean id="conversionService" class="org.springframework.context.support.ConversionServiceFactoryBean"/>
<!-- Declare a lookup strategy-->
<bean id="lookupStrategy" class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg ref="permissionGrantingStrategy"/>
<constructor-arg ref="conversionService"/>
<property name="permissionFactory" ref="permissionFactory"/>
</bean>
对BasicLookupStrategy.convertCurrentResultIntoObject()的调整如下所示:
// If the Java type is a String, check to see if we can convert it to the target …