使用XML配置的Spring社交和Spring安全性

Question

我試圖將Spring Social引入Spring Security的一個正在出現的Web應用程序中。現有的網絡應用程序使用XML配置，即：

<security:http 
    disable-url-rewriting="true" 
    use-expressions="true" 
    xmlns="http://www.springframework.org/schema/security"> 
    ... 
    <intercept-url 
     pattern="/w/configuration/**" 
     access="hasRole ('ROLE_ADMIN')"/> 
    ... 
    <form-login 
     login-page="/w/welcome" 
     authentication-success-handler-ref="authSuccessHandler" 
     authentication-failure-handler-ref="authFailureHandler"/> 
    <logout logout-success-url="/w/welcome"/> 
</security:http> 

如何添加SpringSocialConfigurer（）進入配置？所有關於春天的社會文檔使用基於Java的配置，我想避免的，例如：

@Override 
protected void configure(HttpSecurity http) throws Exception 
{ 
    http 
     .formLogin() 
      .loginPage("/signin") 
      .loginProcessingUrl("/signin/authenticate") 
      .failureUrl("/signin?param.error=bad_credentials") 
     .and() 
      .logout() 
       .logoutUrl("/signout") 
       .deleteCookies("JSESSIONID") 
     .and() 
      .apply(new SpringSocialConfigurer()); 
} 

什麼是XML相當於apply（）方法的？

Answer 1

花一些時間審查SpringSocialConfigurer代碼後，在這裏是做什麼的了有些等價的XML配置：

<security:http 
    disable-url-rewriting="true" 
    use-expressions="true" 
    xmlns="http://www.springframework.org/schema/security"> 
    ... 
    <intercept-url 
     pattern="/w/configuration/**" 
     access="hasRole ('ROLE_ADMIN')"/> 
    ... 
    <form-login 
     login-page="/w/welcome" 
     authentication-success-handler-ref="authSuccessHandler" 
     authentication-failure-handler-ref="authFailureHandler"/> 
    <logout logout-success-url="/w/welcome"/> 

    <!-- Add a custom filter to handle Social media logins --> 
    <custom-filter before="PRE_AUTH_FILTER" ref="socialAuthFilter"/> 
</security:http> 

<security:authentication-manager 
    id="authenticationManager" 
    xmlns="http://www.springframework.org/schema/security"> 
    <!-- Social Media sites as authentication provider --> 
    <authentication-provider ref="socialAuthProvider"/> 
</security:authentication-manager> 

<!-- 
    Define the framework required for using Social Media sites 
    as Authentication Providers. 
--> 
<bean id="connectionFactoryLocator" 
    class="org.springframework.social.security.SocialAuthenticationServiceRegistry"> 
    <property name="connectionFactories"> 
     <list> 
      <bean class="org.springframework.social.facebook.connect.FacebookConnectionFactory"> 
       <constructor-arg value="${social.facebook.appId}" /> 
       <constructor-arg value="${social.facebook.appSecret}" />     
      </bean> 
     </list> 
    </property> 
</bean> 
<bean id="socialUsersConxRepo" 
    class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository"> 
    <constructor-arg ref="connectionFactoryLocator"/> 
</bean> 
<bean id="socialUserIdSource" 
    class="org.springframework.social.security.AuthenticationNameUserIdSource"/> 
<bean id="socialAuthFilter" 
    class="org.springframework.social.security.SocialAuthenticationFilter"> 
    <constructor-arg ref="authenticationManager"/> 
    <constructor-arg ref="socialUserIdSource"/> 
    <constructor-arg ref="socialUsersConxRepo"/> 
    <constructor-arg ref="connectionFactoryLocator"/> 
</bean> 
<bean id="socialAuthProvider" 
    class="org.springframework.social.security.SocialAuthenticationProvider"> 
    <constructor-arg ref="socialUsersConxRepo"/> 

    <!-- application defined @Service --> 
    <constructor-arg ref="socialGamerManager"/> 
</bean> 

應用程序的程序員，預計寫自己的「socialGamerManager」豆必須實施org.springframework.social.security.SocialUserDetailsService。 「socialUsersConxRepo」bean可能會更改爲使用JDBC實現。