2
我无法获得tomcat
配置的权利。spring启动tomcat J2EE预认证认证
我想在Tomcat
上部署简单的Spring Boot应用程序,j2eePreAuth
为Tomcat
以进行身份验证。
我读了一些关于web.xml
的配置。他们提到除了Spring类之外,还要把安全配置放到一个web.xml
之内。但它没有改变任何东西。
我也试图改变Tomcat
本身的web.xml
没有成功。
所以我的问题是:我有什么配置Tomcat
才能得到这个权利?
这里是我的安全:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private static String ROLE_PREFIX = "ROLE_";
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
// Alle weiteren Pfadsegmente sind für User authentifiziert erreichbar
.anyRequest().authenticated()
.and()
.jee()
// Registrierung eines eigenen Jee PreAuthenticatedProcessingFilter
.j2eePreAuthenticatedProcessingFilter(j2eePreAuthenticatedProcessingFilter());
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
/**
* Um auf die web.xml zu verzichten muss ein ganzer J2eePreAuthenticatedProcessingFilter definiert werden.
*/
@Bean
public J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter() throws Exception {
J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter = new J2eePreAuthenticatedProcessingFilter();
j2eePreAuthenticatedProcessingFilter.setAuthenticationManager(authenticationManagerBean());
J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource j2eeBasedPreAuthenticatedWebAuthenticationDetailsSource = new J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource();
j2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.setMappableRolesRetriever(simpleMappableAttributesRetriever());
SimpleAttributes2GrantedAuthoritiesMapper simpleAttributes2GrantedAuthoritiesMapper = new SimpleAttributes2GrantedAuthoritiesMapper();
simpleAttributes2GrantedAuthoritiesMapper.setConvertAttributeToUpperCase(true);
j2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.setUserRoles2GrantedAuthoritiesMapper(simpleAttributes2GrantedAuthoritiesMapper);
j2eePreAuthenticatedProcessingFilter.setAuthenticationDetailsSource(j2eeBasedPreAuthenticatedWebAuthenticationDetailsSource);
return j2eePreAuthenticatedProcessingFilter;
}
/**
* Dieser MappableAttributesRetriever liefert eine eigene Liste von JEE Rollen statt der aus einer web.xml.
*/
@Bean
public MappableAttributesRetriever simpleMappableAttributesRetriever() {
SimpleMappableAttributesRetriever simpleMappableAttributesRetriever = new SimpleMappableAttributesRetriever();
Set<String> roles = new HashSet<String>();
// Hier müssen die Rollen angegeben werden!
roles.add(ROLE_PREFIX + "INTERNAL");
roles.add(ROLE_PREFIX + "MANAGEMENT");
roles.add(ROLE_PREFIX + "USER");
simpleMappableAttributesRetriever.setMappableAttributes(roles);
return simpleMappableAttributesRetriever;
}
}
和一个简单的RESt
控制器:
@RestController
@RequestMapping(value = "/a")
@PreAuthorize("hasAuthority('ROLE_USER')")
public class Controller {
@RequestMapping("")
public String index(Principal p) {
return "logged in as: " + p.getName();
}
}
我得到它的工作! –