我正在尝试将xml配置转换为java配置
我的 XML 配置是这样的
<security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled" access-decision-manager-ref="methodAccessDecisionManager">
<security:expression-handler ref="methodExpressionHandler"/>
</security:global-method-security>
我尝试使用注释进行转换
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
但我不知道如何转换和使用全局安全方法 access-decision-manager-ref="methodAccessDecisionManager"
和<security:expression-handler ref="methodExpressionHandler"/>
最佳答案
您可以编写自定义方法安全配置,请参阅 Spring Security Reference :
5.10.2 GlobalMethodSecurityConfiguration
Sometimes you may need to perform operations that are more complicated than are possible with the
@EnableGlobalMethodSecurity
annotation allow. For these instances, you can extend theGlobalMethodSecurityConfiguration
ensuring that the@EnableGlobalMethodSecurity
annotation is present on your subclass. For example, if you wanted to provide a customMethodSecurityExpressionHandler
, you could use the following configuration:@EnableGlobalMethodSecurity(prePostEnabled = true) public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration { @Override protected MethodSecurityExpressionHandler createExpressionHandler() { // ... create and return custom MethodSecurityExpressionHandler ... return expressionHandler; } }
For additional information about methods that can be overridden, refer to the
GlobalMethodSecurityConfiguration
Javadoc.
您修改后的代码:
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
@Autowired
private AccessDecisionManager accessDecisionManager;
@Autowired
private MethodSecurityExpressionHandler methodSecurityExpressionHandler;
protected MethodSecurityExpressionHandler createExpressionHandler() {
return methodSecurityExpressionHandler;
}
protected AccessDecisionManager accessDecisionManager() {
return accessDecisionManager;
}
}
关于java - Spring Security中将XML配置转换为java配置以实现全局方法安全,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50268511/