我有一个特殊的情况,我需要使用应用程序服务器(Weblogic)安全上下文进行身份验证,但使用 Spring Security 进行授权。我在用Spring Boot
创建我的应用程序。
如何添加如下所示的安全约束(通常包含在web.xml
):
<security-constraint>
<web-resource-collection>
<web-resource-name>portal</web-resource-name>
<description>This is the protected area of the application.</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Requires users to be authenticated but does not require them to be authorized.</description>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>Encryption is not required for this area.</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
请记住,我需要从我的Weblogic
服务器和not Spring Security
您可以根据安全限制在 WEB-INF 中添加 web.xml。这将与 spring boot java 配置一起使用。
@ComponentScan
@SpringBootApplication
public class Application extends SpringBootServletInitializer implements WebApplicationInitializer {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) {
return builder.sources(Application.class);
}
}
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
metadata-complete="false" version="3.0">
<security-constraint>
<web-resource-collection>
<web-resource-name>portal</web-resource-name>
<description>This is the protected area of the application.</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Requires users to be authenticated but does not require them to be authorized.</description>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>Encryption is not required for this area.</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)