67,513
社区成员
发帖
与我相关
我的任务
分享Spring Security 定义多个authentication-manager出问题
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns="http://www.springframework.org/schema/security">
<!-- 不限制访问的url -->
<http security="none" pattern="/admin/loginUI.do*" />
<http security="none" pattern="/admin/login.jsp*" />
<http security="none" pattern="/index.jsp*" />
<!-- 不拦截图片,js,css -->
<http pattern="/**/*.jpg" security="none" />
<http pattern="/**/*.png" security="none" />
<http pattern="/**/*.gif" security="none" />
<http pattern="/**/*.css" security="none" />
<http pattern="/**/*.js" security="none" />
<http entry-point-ref="loginUrlEntryPoint" access-denied-page="/notaccess.jsp">
<!-- 前台页面拦截 -->
<intercept-url pattern="/users/**" access="ROLE_USERS" />
<intercept-url pattern="/views/web/users/**" access="ROLE_USERS" />
<!-- 后台页面拦截 -->
<intercept-url pattern="/admin/**" access="ROLE_ADMIN" />
<intercept-url pattern="/views/admin/**" access="ROLE_ADMIN" />
<!-- 前台前置拦截器调用 -->
<custom-filter ref="webMyUsernamePasswordAuthenticationFilter" before="FORM_LOGIN_FILTER"/>
<!-- 后台前置拦截器调用 -->
<custom-filter ref="myUsernamePasswordAuthenticationFilter" position="FORM_LOGIN_FILTER"/>
</http>
<!-- 认证切入点,这里使用它的目的是保证当用户登录之前就访问前后台时,会跳转到不同的登录页面 -->
<beans:bean id="loginUrlEntryPoint" class="net.xqx.security.loginUrlEntryPoint" />
<!-- 配置自己写的前置拦截器 -->
<beans:bean class="net.xqx.security.WebMyUsernamePasswordAuthenticationFilter" id="webMyUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="webAuthenticationManager"></beans:property>
<beans:property name="authenticationSuccessHandler" ref="WebloginLogAuthenticationSuccessHandler"></beans:property>
<beans:property name="authenticationFailureHandler" ref="webSimpleUrlAuthenticationFailureHandler"></beans:property>
</beans:bean>
<!-- 验证成功后页面跳转 -->
<beans:bean id="WebloginLogAuthenticationSuccessHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/users/usersCenter.do"></beans:property>
</beans:bean>
<!-- 验证失败后页面跳转 -->
<beans:bean id="webSimpleUrlAuthenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<!-- 可以配置相应的跳转方式。属性forwardToDestination为true采用forward false为sendRedirect -->
<beans:property name="defaultFailureUrl" value="/usersLoginUI.do?error=1"></beans:property>
</beans:bean>
<!-- userDetailsService配置 -->
<beans:bean class="net.xqx.security.WebUserDetailsServiceImpl" id="webUserDetailsService" />
<!-- 调用userDetailsService,并增加别名alias为自己写的前置拦截器提供调用 -->
<authentication-manager alias="webAuthenticationManager">
<authentication-provider user-service-ref="webUserDetailsService" >
</authentication-provider>
</authentication-manager>
<!-- 配置自己写的前置拦截器 -->
<beans:bean class="net.xqx.security.MyUsernamePasswordAuthenticationFilter" id="myUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager"></beans:property>
<beans:property name="authenticationSuccessHandler" ref="loginLogAuthenticationSuccessHandler"></beans:property>
<beans:property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"></beans:property>
</beans:bean>
<!-- 验证成功后页面跳转 -->
<beans:bean id="loginLogAuthenticationSuccessHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/admin/login.do"></beans:property>
</beans:bean>
<!-- 验证失败后页面跳转 -->
<beans:bean id="simpleUrlAuthenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<!-- 可以配置相应的跳转方式。属性forwardToDestination为true采用forward false为sendRedirect -->
<beans:property name="defaultFailureUrl" value="/admin/loginUI.do?error=1"></beans:property>
</beans:bean>
<!-- userDetailsService配置 -->
<beans:bean lazy-init="true" class="net.xqx.security.UserDetailsServiceImpl" id="userDetailsService" />
<!-- 调用userDetailsService,并增加别名alias为自己写的前置拦截器提供调用 -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailsService" >
</authentication-provider>
</authentication-manager>
</beans:beans>
无论我怎么设置,它总是只调用 net.xqx.security.UserDetailsServiceImpl 这个实现类,把后台的这个配置放到最前面,系统又只会调用net.xqx.security.WebUserDetailsServiceImpl 这个实现类,实在是搞不出来了
<beans:beans
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns="http://www.springframework.org/schema/security">
<!-- 不限制访问的url -->
<http security="none" pattern="/admin/loginUI.do*" />
<http security="none" pattern="/admin/login.jsp*" />
<http security="none" pattern="/index.jsp*" />
<!-- 不拦截图片,js,css -->
<http pattern="/**/*.jpg" security="none" />
<http pattern="/**/*.png" security="none" />
<http pattern="/**/*.gif" security="none" />
<http pattern="/**/*.css" security="none" />
<http pattern="/**/*.js" security="none" />
<http entry-point-ref="loginUrlEntryPoint" access-denied-page="/notaccess.jsp">
<!-- 前台页面拦截 -->
<intercept-url pattern="/users/**" access="ROLE_USERS" />
<intercept-url pattern="/views/web/users/**" access="ROLE_USERS" />
<!-- 后台页面拦截 -->
<intercept-url pattern="/admin/**" access="ROLE_ADMIN" />
<intercept-url pattern="/views/admin/**" access="ROLE_ADMIN" />
<!-- 前台前置拦截器调用 -->
<custom-filter ref="webMyUsernamePasswordAuthenticationFilter" before="FORM_LOGIN_FILTER"/>
<!-- 后台前置拦截器调用 -->
<custom-filter ref="myUsernamePasswordAuthenticationFilter" position="FORM_LOGIN_FILTER"/>
</http>
<!-- 认证切入点,这里使用它的目的是保证当用户登录之前就访问前后台时,会跳转到不同的登录页面 -->
<beans:bean id="loginUrlEntryPoint" class="net.xqx.security.loginUrlEntryPoint" />
<!-- 配置自己写的前置拦截器 -->
<beans:bean class="net.xqx.security.WebMyUsernamePasswordAuthenticationFilter" id="webMyUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="webAuthenticationManager"></beans:property>
<beans:property name="authenticationSuccessHandler" ref="WebloginLogAuthenticationSuccessHandler"></beans:property>
<beans:property name="authenticationFailureHandler" ref="webSimpleUrlAuthenticationFailureHandler"></beans:property>
</beans:bean>
<!-- 验证成功后页面跳转 -->
<beans:bean id="WebloginLogAuthenticationSuccessHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/users/usersCenter.do"></beans:property>
</beans:bean>
<!-- 验证失败后页面跳转 -->
<beans:bean id="webSimpleUrlAuthenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<!-- 可以配置相应的跳转方式。属性forwardToDestination为true采用forward false为sendRedirect -->
<beans:property name="defaultFailureUrl" value="/usersLoginUI.do?error=1"></beans:property>
</beans:bean>
<!-- userDetailsService配置 -->
<beans:bean class="net.xqx.security.WebUserDetailsServiceImpl" id="webUserDetailsService" />
<!-- 调用userDetailsService,并增加别名alias为自己写的前置拦截器提供调用 -->
<authentication-manager alias="webAuthenticationManager">
<authentication-provider user-service-ref="webUserDetailsService" >
</authentication-provider>
</authentication-manager>
<!-- 配置自己写的前置拦截器 -->
<beans:bean class="net.xqx.security.MyUsernamePasswordAuthenticationFilter" id="myUsernamePasswordAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager"></beans:property>
<beans:property name="authenticationSuccessHandler" ref="loginLogAuthenticationSuccessHandler"></beans:property>
<beans:property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"></beans:property>
</beans:bean>
<!-- 验证成功后页面跳转 -->
<beans:bean id="loginLogAuthenticationSuccessHandler"
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/admin/login.do"></beans:property>
</beans:bean>
<!-- 验证失败后页面跳转 -->
<beans:bean id="simpleUrlAuthenticationFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<!-- 可以配置相应的跳转方式。属性forwardToDestination为true采用forward false为sendRedirect -->
<beans:property name="defaultFailureUrl" value="/admin/loginUI.do?error=1"></beans:property>
</beans:bean>
<!-- userDetailsService配置 -->
<beans:bean lazy-init="true" class="net.xqx.security.UserDetailsServiceImpl" id="userDetailsService" />
<!-- 调用userDetailsService,并增加别名alias为自己写的前置拦截器提供调用 -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailsService" >
</authentication-provider>
</authentication-manager>
</beans:beans>
无论我怎么设置,它总是只调用 net.xqx.security.UserDetailsServiceImpl 这个实现类,把后台的这个配置放到最前面,系统又只会调用net.xqx.security.WebUserDetailsServiceImpl 这个实现类,实在是搞不出来了
...全文
请发表友善的回复…
发表回复
wwwcomy 2015-06-16
- 打赏
- 举报
看到问题没结论真坑爹
两个Reference:
http://stackoverflow.com/questions/22118243/spring-security-3-2-multiple-http-tag-with-different-authentication-manager
http://forum.spring.io/forum/spring-projects/security/120054-authentication-manager-id-vs-alias
两个Reference:
http://stackoverflow.com/questions/22118243/spring-security-3-2-multiple-http-tag-with-different-authentication-manager
http://forum.spring.io/forum/spring-projects/security/120054-authentication-manager-id-vs-alias
foggysource 2014-09-22
- 打赏
- 举报
可以配置多个,看看http://blog.csdn.net/foggysource/article/details/39456963。不知道是否能帮助到你
没实力又不努力 2014-09-18
- 打赏
- 举报
求问!同样遇到了此问题,大神们解决了没有呀?求方法!
力力尼 2013-12-21
- 打赏
- 举报
楼主,你好!请问你这个问题解决了吗?我也遇到这个问题,不能配置多个认证管理器,如果配置多个,最后一个会覆盖前面所配置的。好像认证管理器只能配置全局。
