在 XML 配置中,我可以使用 security 命名空间来启用对安全性的支持,例如:
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticator" />
</security:authentication-manager>
<security:global-method-security pre-post-annotations="enabled" />
<bean id="authenticator"
class="org.springframework.security.authentication.TestingAuthenticationProvider" />
我尝试使用没有 XML 的 Spring,只有 @Configuration 类。与上述 XML 示例类似的配置的纯 Java 等价物是什么?
最佳答案
编辑:2013 年 12 月 Spring Security 3.2 was released和 Java Configuration was implemented ,所以上面的XML大致相当于:
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final AuthenticationManagerBuilder auth)
throws Exception {
auth.authenticationProvider(authenticator());
super.configure(auth);
}
@Bean
public AuthenticationProvider authenticator() {
return new TestingAuthenticationProvider();
}
}
2012 年的旧答案:
很遗憾,没有。 Check this answer (半年前由 Spring Security lead dev 发表):
There currently is no easy way to do Spring Security configuration with Java configuration. You must know what the namespace does behind the scenes making it difficult and error prone. For this reason, I would recommend sticking with the Spring Security namespace configuration.
一种选择是为非官方项目做出贡献 - Scalasec - 提供基于 Scala 的配置,在 this post on SpringSource blog 中进行了描述.同样,不建议将其用于生产,因为项目似乎已被放弃。我想有一天尝试这个项目,但目前没有空闲时间:(
关于Spring:注解等价于 security:authentication-manager 和 security:global-method-security,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/12303894/