67,550
社区成员
发帖
与我相关
我的任务
分享Spring security中authentication-provider的实现问题
最近在看别人的代码学习Spring,不得不说,Spring涉及的只是太多了,有些找不到头绪。在我正在学习的代码中用到了Spring security,它的配置文件如下:
它的authentication-provider指定了一个实现类是provider,但是我找遍所有的配置文件都没发现一个叫provider的bean,只在jpa的持久化配置文件中发现一个<provider>标签,请问大家authentication-provider是怎么实现的
(不知道给出的信息够不够,能不能让大家做出判断)
jpa持久化配置文件:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- HTTP security configurations -->
<http auto-config="true" use-expressions="true">
<!-- <form-login login-processing-url="/resources/j_spring_security_check" login-page="/login" authentication-failure-url="/login?login_error=t" /> -->
<form-login login-page="/login" authentication-failure-url="/login?error=true" default-target-url="/" />
<logout logout-url="/j_spring_security_logout" />
<intercept-url pattern="/login" access="permitAll" />
<intercept-url pattern="/**/rest/**" access="permitAll" />
<intercept-url pattern="/resources/**" access="permitAll" />
<intercept-url pattern="/**" access="isAuthenticated()" />
<intercept-url pattern="/sessionTimeout.html" access="permitAll" />
</http>
<!-- Configure Authentication mechanism -->
<authentication-manager alias="authenticationManager">
<authentication-provider ref="provider"></authentication-provider>
</authentication-manager>
</beans:beans>它的authentication-provider指定了一个实现类是provider,但是我找遍所有的配置文件都没发现一个叫provider的bean,只在jpa的持久化配置文件中发现一个<provider>标签,请问大家authentication-provider是怎么实现的
(不知道给出的信息够不够,能不能让大家做出判断)
jpa持久化配置文件:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<persistence xmlns="http://java.sun.com/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.0"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd">
<persistence-unit name="persistenceUnit" transaction-type="RESOURCE_LOCAL">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<properties>
<property name="hibernate.dialect" value="org.hibernate.dialect.MySQL5InnoDBDialect" />
<!-- value="create" to build a new database on each run; value="update"
to modify an existing database; value="create-drop" means the same as "create"
but also drops tables when Hibernate closes; value="validate" makes no changes
to the database -->
<property name="hibernate.hbm2ddl.auto" value="validate" />
<property name="hibernate.ejb.naming_strategy" value="org.hibernate.cfg.DefaultNamingStrategy" />
<property name="hibernate.connection.charSet" value="UTF-8" />
<!-- Uncomment the following two properties for JBoss only -->
<!-- property name="hibernate.validator.apply_to_ddl" value="false" / -->
<!-- property name="hibernate.validator.autoregister_listeners" value="false"
/ -->
</properties>
</persistence-unit>
</persistence>
...全文
请发表友善的回复…
发表回复
QuentinYo 2014-09-22
- 打赏
- 举报
provider 是在代码中用注解配置的,找了很久才看到
zuxianghuang 2014-06-07
- 打赏
- 举报
在jpa的持久化配置文件中发现一个<provider>标签,这个和security里的不是一回事,
没有关联的,
<authentication-provider ref="provider"></authentication-provider>
provider 这个对象肯定是配置了的,如果没有,是会报错的
