Spring Security(二十四):6.6 The Authentication Manager and the Namespace

The main interface which provides authentication services in Spring Security is the AuthenticationManager. This is usually an instance of Spring Security’s ProviderManager class, which you may already be familiar with if you’ve used the framework before. If not, it will be covered later, in the technical overview chapter. The bean instance is registered using the authentication-manager namespace element. You can’t use a custom AuthenticationManager if you are using either HTTP or method security through the namespace, but this should not be a problem as you have full control over the AuthenticationProvider s that are used.

在Spring Security中提供身份验证服务的主界面是AuthenticationManager。这通常是Spring Security的ProviderManager类的一个实例,如果您之前使用过该框架,那么您可能已经熟悉了它。如果没有,稍后将在技术概述章节中介绍。使用authentication-manager名称空间元素注册bean实例。如果通过命名空间使用HTTP或方法安全性,则不能使用自定义AuthenticationManager,但这不应该是一个问题,因为您可以完全控制所使用的AuthenticationProvider。
 
You may want to register additional AuthenticationProvider beans with the ProviderManager and you can do this using the <authentication-provider>element with the ref attribute, where the value of the attribute is the name of the provider bean you want to add. For example:
您可能希望使用ProviderManager注册其他AuthenticationProvider bean,并且可以使用带有ref属性的<authentication-provider>元素来执行此操作,其中该属性的值是您要添加的提供者bean的名称。例如:
 
<authentication-manager>
<authentication-provider ref="casAuthenticationProvider"/>
</authentication-manager>

<bean id="casAuthenticationProvider"
	class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
...
</bean>

Another common requirement is that another bean in the context may require a reference to the AuthenticationManager. You can easily register an alias for the AuthenticationManager and use this name elsewhere in your application context.

另一个常见要求是上下文中的另一个bean可能需要引用AuthenticationManager。您可以轻松注册AuthenticationManager的别名,并在应用程序上下文的其他位置使用此名称。
 
<security:authentication-manager alias="authenticationManager">
...
</security:authentication-manager>

<bean id="customizedFormLoginFilter"
	class="com.somecompany.security.web.CustomFormLoginFilter">
<property name="authenticationManager" ref="authenticationManager"/>
...
</bean>

[1] You can find out more about the use of the ldap-server element in the chapter on Chapter 29, LDAP Authentication.

您可以在第29章LDAP身份验证章节中找到有关使用ldap-server元素的更多信息。

[2] See the section on Section 13.4, “Request Matching and HttpFirewall” in the Web Application Infrastructure chapter for more details on how matches are actually performed.

有关如何实际执行匹配的更多详细信息,请参阅“Web应用程序基础结构”一章中的第13.4节“请求匹配和HttpFirewall”一节。

[3] See the chapter on Chapter 22, Anonymous Authentication

请参阅第22章匿名身份验证一章

[4] The use of multiple <http> elements is an important feature, allowing the namespace to simultaneously support both stateful and stateless paths within the same application, for example. The previous syntax, using the attribute filters="none" on an intercept-url element is incompatible with this change and is no longer supported in 3.1.

多个<http>元素的使用是一个重要特性,例如,允许命名空间同时支持同一应用程序中的有状态和无状态路径。在intercept-url元素上使用属性filters =“none”的先前语法与此更改不兼容,并且在3.1中不再受支持。

[5] For more details on how channel-processing is implemented, see the Javadoc for ChannelProcessingFilter and related classes.

有关如何实现通道处理的更多详细信息,请参阅ChannelProcessingFilter的Javadoc和相关类。
 
posted @ 2018-12-18 22:09  帅LOVE俊  阅读(135)  评论(0编辑  收藏  举报