Spring Security - 外部化 "requires-channel"的值

Question

我需要在 Spring Security 文件中支持 HTTP 和 HTTPS，并在运行时在它们之间动态切换。

因此，我尝试创建包含 any/http/https 之一的属性文件，但不会解析 XML 配置。

Spring 安全配置:

<sec:http entry-point-ref="portalEntryPoint">
    <sec:anonymous />
    <sec:intercept-url pattern = "/portal" access="IS_AUTHENTICATED_ANONYMOUSLY"
            requires-channel="${user-security.login.channel}" />
    <!-- rest omitted -->
</sec:http>

属性文件:

user-security.login.channel=https

我收到以下错误:

Caused by: org.xml.sax.SAXParseException: cvc-enumeration-valid: Value '${user-security.login.channel}' is not facet-valid with respect to enumeration '[http, https, any]'. It must be a value from the enumeration.

我正在使用 Spring 3 和 Spring Security 2。有什么想法吗？

Answer 1

如果您绝对必须使用配置文件来配置您的门户入口点。显然这意味着在你的 spring 配置中进行大量的复制和粘贴......

来自 springsource 文档的示例:

<bean id="transferService" class="com.bank.service.internal.DefaultTransferService">
    <constructor-arg ref="accountRepository"/>
    <constructor-arg ref="feePolicy"/>
</bean>

<bean id="accountRepository" class="com.bank.repository.internal.JdbcAccountRepository">
    <constructor-arg ref="dataSource"/>
</bean>

<bean id="feePolicy" class="com.bank.service.internal.ZeroFeePolicy"/>

<beans profile="dev">
    <jdbc:embedded-database id="dataSource">
        <jdbc:script location="classpath:com/bank/config/sql/schema.sql"/>
        <jdbc:script location="classpath:com/bank/config/sql/test-data.sql"/>
    </jdbc:embedded-database>
</beans>

<beans profile="production">
    <jee:jndi-lookup id="dataSource" jndi-name="java:comp/env/jdbc/datasource"/>
</beans>

链接 http://blog.springsource.com/2011/02/14/spring-3-1-m1-introducing-profile/