1. 首頁
  2. 問答
  3. 添加安全到春季批量管理員

添加安全到春季批量管理員

2017-04-21 52 views
0

首先,先謝謝了!添加安全到春季批量管理員

我正在使用Spring-Batch-Admin 1.3.1,我的進程正常工作,但現在我們的目標是應用安全性,以便只有經過授權的人員才能訪問進程。 安全設置在其他應用程序中完美工作,並違背CAS。

這樣做有彈簧批次管理,樣品測試,我已經把安全配置文件中的路徑/META-INF/spring/cas-security-config.xml,它是從另一個配置進口xml文件覆蓋屬性或加載新的安全性。批次管理正常啓動,但是當我嘗試訪問該應用程序會生成以下錯誤:

org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined

我已閱讀所有相關的帖子,但我不能找到解決方案。我嘗試用/批覆蓋resourceService bean,但是當它被訪問時,其他url沒有找到它們並生成404錯誤。

我們希望保護所有重定向到CAS然後返回到批次管理器菜單的所有內容。

這是我的配置文件:

物業負載

<?xml version="1.0" encoding="UTF-8" ?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns:context="http://www.springframework.org/schema/context" 
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> 

<context:annotation-config /> 
<context:component-scan base-package="com.aneta.services" /> 
<!-- 
    SOBREESCRITURA DE LAS PROPERTIES DEL MANAGER DE SPRING BATCH 
--> 
<bean id="placeholderProperties" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> 
    <property name="locations"> 
     <list> 
      <value>classpath:*.properties</value> 
      <value>classpath:properties/*.properties</value> 

     </list> 
    </property> 
    <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" /> 
    <property name="ignoreResourceNotFound" value="true" /> 
    <property name="ignoreUnresolvablePlaceholders" value="false" /> 
    <property name="order" value="1" /> 
</bean> 

<import resource="classpath:META-INF/spring/cas-security-config.xml"/> 
</beans>

的web.xml

<?xml version="1.0" encoding="ISO-8859-1"?> 
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation=" 
     http://java.sun.com/xml/ns/j2ee 
     http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> 

<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>classpath*:/org/springframework/batch/admin/web/resources/webapp-config.xml</param-value> 
</context-param> 

<listener> 
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 

<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

<filter> 
    <filter-name>shallowEtagHeaderFilter</filter-name> 
    <filter-class>org.springframework.web.filter.ShallowEtagHeaderFilter</filter-class> 
</filter> 

<filter> 
    <filter-name>hiddenHttpMethodFilter</filter-name> 
    <filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class> 
</filter> 

<filter-mapping> 
    <filter-name>shallowEtagHeaderFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

<filter-mapping> 
    <filter-name>hiddenHttpMethodFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

<servlet> 
    <servlet-name>Batch Servlet</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
    <init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value>classpath*:/org/springframework/batch/admin/web/resources/servlet-config.xml</param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 

<servlet-mapping> 
    <servlet-name>Batch Servlet</servlet-name> 
    <url-pattern>/*</url-pattern> 
</servlet-mapping> 

</web-app>

而且

個CAS-安全-config.xml中

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns:context="http://www.springframework.org/schema/context" 
xmlns:p="http://www.springframework.org/schema/p" 
xmlns:security="http://www.springframework.org/schema/security" 
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd 
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd"> 

<context:annotation-config /> 
<context:component-scan base-package="com.aneta.services" /> 

<bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter"> 
    <property name="rolePrefix" value=""/> 
</bean> 

<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased"> 
    <constructor-arg > 
     <list> 
      <ref bean="roleVoter"/> 
      <bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/> 
      <bean class="org.springframework.security.access.vote.AuthenticatedVoter"/> 
     </list> 
    </constructor-arg> 
</bean> 


<security:http entry-point-ref="casEntryPoint" use-expressions="true" auto-config="true" 
    access-decision-manager-ref="accessDecisionManager"> 
    <security:csrf disabled="false"/> 
    <security:custom-filter position="FIRST" ref="ajaxSessionFilter"/> 
    <security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" /> 
    <security:custom-filter ref="singleLogoutFilter" before="CAS_FILTER" /> 

    <security:custom-filter ref="casAuthenticationFilter" after="CAS_FILTER"/> 
    <security:custom-filter position="LAST" ref="loginFilter"/> 

    <!-- ACCESO CON RESTRICCIONES --> 
    <security:intercept-url pattern="/**" access="hasAnyAuthority('ADMINISTRATOR')" /> 

</security:http> 

<bean id="casServiceProperties" class="org.springframework.security.cas.ServiceProperties" 
    p:service="${service.base.url}" 
    p:sendRenew="false" p:authenticateAllArtifacts="true" /> 

<bean id="casEntryPoint" 
    class="org.springframework.security.cas.web.CasAuthenticationEntryPoint" 
    p:serviceProperties-ref="casServiceProperties" p:loginUrl="${cas.server.base.url}/login" /> 

<bean id="ajaxSessionFilter" class="com.psoplaneta.services.security.filters.AjaxSessionFilter">  
    <property name="homePage" value="${cas.server.base.url}/login"/> 
</bean> 

<bean id="loginFilter" class="com.aneta.services.security.filters.LoginFilter"> 
    <property name="errorPage" value="${service.base.url}/403"/> 
    <property name="loginPage" value="${cas.server.base.url}/login"/> 
</bean> 


<bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter" 
    p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage" 
    p:proxyReceptorUrl="/login/cas/proxyreceptor" 
    p:serviceProperties-ref="casServiceProperties" 
    p:authenticationManager-ref="authenticationManager"> 
    <property name="authenticationFailureHandler"> 
     <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> 
      <property name="defaultFailureUrl" value="/casfailed"/> 
     </bean> 
    </property> 
    <property name="authenticationSuccessHandler"> 
     <bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" 
      p:defaultTargetUrl="/"> 
     </bean> 
    </property> 
    <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" /> 
</bean> 

<bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" /> 

<bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder"/> 

<!-- This filter redirects to the CAS Server to signal Single Logout should be performed --> 
<bean id="requestSingleLogoutFilter" 
    class="org.springframework.security.web.authentication.logout.LogoutFilter" 
    p:filterProcessesUrl="/j_spring_cas_security_logout"> 
    <constructor-arg value="${cas.server.base.url}/logout" /> 
    <constructor-arg > 
     <bean 
      class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" /> 
    </constructor-arg> 
</bean> 

<!-- This filter handles a Single Logout Request from the CAS Server --> 
<bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/> 

<security:authentication-manager alias="authenticationManager"> 
    <security:authentication-provider ref="casAuthenticationProvider"/> 
</security:authentication-manager> 

<bean id="casAuthenticationProvider" 
    class="org.springframework.security.cas.authentication.CasAuthenticationProvider" 
    p:key="casAuthProviderKey" 
    p:serviceProperties-ref="casServiceProperties"> 
    <property name="authenticationUserDetailsService"> 
     <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> 
      <constructor-arg ref="userDetailService" /> 
     </bean> 
    </property> 
    <property name="ticketValidator"> 
     <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator" 
      p:proxyGrantingTicketStorage-ref="proxyGrantingTicketStorage"> 
      <constructor-arg index="0" value="${cas.server.base.url}" /> 
     </bean> 
    </property> 
</bean> 

<bean id="userDetailService" class="com.aneta.services.security.userdetails.UserDetailsService"/> 


</beans>

來源

2017-04-21 Marco Osorio

+0

有什麼想法嗎? –

回答

0

如果你有興趣,我把這裏的解決方案,以激活與CAS SSO身份驗證,我想這將是另一種類型的身份驗證是有用的。 經過這麼多圈之後,我已經看到在web.xml中有兩個調度程序,只有一個正在使用,即只有一個配置被加載並且批處理servlet。 解決方案是創建一個調度程序並將所有配置加載到一個調度程序中。如果配置文件我把它們從重寫的文件夾(即META-INF/spring/servlet-config.xml)中取出並在此內部進行安全性導入,並在必要時添加更多內容,因爲這是正確的位置導入新的配置。

<?xml version="1.0" encoding="UTF-8"?> 
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns="http://java.sun.com/xml/ns/javaee" 
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" 
version="3.0"> 

<servlet> 
    <servlet-name>mvc-dispatcher</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> 
    <init-param> 
     <!-- set to blank to ensure context is only loaded once --> 
     <param-name>contextConfigLocation</param-name> 
     <param-value></param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 
<servlet-mapping> 
    <servlet-name>mvc-dispatcher</servlet-name> 
    <url-pattern>/*</url-pattern> 
</servlet-mapping> 

<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value> 
     classpath*:/org/springframework/batch/admin/web/resources/webapp-config.xml, 
     classpath*:/org/springframework/batch/admin/web/resources/servlet-config.xml, 
     classpath*:/META-INF/spring/aneta-servlet-config.xml 
    </param-value> 
</context-param> 

<listener> 
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> 
</listener> 

<filter> 
    <filter-name>shallowEtagHeaderFilter</filter-name> 
    <filter-class>org.springframework.web.filter.ShallowEtagHeaderFilter</filter-class> 
</filter> 
<filter> 
    <filter-name>hiddenHttpMethodFilter</filter-name> 
    <filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>shallowEtagHeaderFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 
<filter-mapping> 
    <filter-name>hiddenHttpMethodFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

<!-- SPRING SECURITY --> 
<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 
<!-- --> 

</web-app>

我希望它適合你!

來源

2017-05-05 08:17:50

相關問題

 相關問題