0
나는 내 봄 보안을 유지하고 운영해 왔습니다. 인증은 호스트 시스템에 의해 수행되므로 자체 인증 공급자를 사용합니다.inMemoryAuthentication없이 스프링 보안을 설정하는 방법은 무엇입니까?
주석 기반 보안을 가지고 있기 때문에 서블릿 구성에 @EnableGlobalMethodSecurity(securedEnabled = true)을 추가했습니다.
불행하게도 이것은 을 유발했습니다. 인증 관리자는 예외입니다. 이 예외를 피하는 유일한 방법은 configureGlobal 메소드를 inMemoryAuthentication과 함께 서블릿 구성에 추가하는 것입니다.
분명히 응용 프로그램이 내 자신의 호스트 인증에 의존하기 때문에이 inMemoryAuthentication을 원하지 않습니다. inMemoryAuthentication을 제거하려면 어떻게해야합니까?
@Configuration
@EnableWebMvc
@EnableGlobalMethodSecurity(securedEnabled = true)
@Import({
FooControllerConfig.class,
})
public class FooServerletConfig {
@Autowired
//@formatter:off
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").authorities("ROLE_USER");
}
//@formatter:on
}
이 보안 구성입니다 :
이
내 서블릿 구성입니다@Configuration
@EnableWebMvcSecurity
public class FooSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
//@formatter:off
protected void configure(HttpSecurity http) throws Exception {
http
.authenticationProvider(aS400AuthenticationProvider())
.formLogin()
.loginProcessingUrl("/authorized")
.passwordParameter("password")
.usernameParameter("clientId")
.successHandler(fooAuthenticationSuccessHandler())
.failureHandler(fooAuthenticationFailureHandler())
.and()
.csrf().disable()
.rememberMe()
.rememberMeServices(fooRememberMeServices())
.key(CookieService.LIR_SESSION_COOKIE_NAME)
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.exceptionHandling().authenticationEntryPoint(new Http403ForbiddenEntryPoint());
;
}
//@formatter:on
}
이있는 configureGlobal 방법이없는 경우를 제외하고 내가 얻을 :
SEVERE: Servlet /FOO threw load() exception
java.lang.IllegalArgumentException: An AuthenticationManager is required
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:121)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1571)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1509)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:521)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:458)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:296)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:293)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:633)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:932)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:479)
at org.springframework.web.servlet.FrameworkServlet.configureAndRefreshWebApplicationContext(FrameworkServlet.java:651)
at org.springframework.web.servlet.FrameworkServlet.initWebApplicationContext(FrameworkServlet.java:508)
at org.springframework.web.servlet.FrameworkServlet.initServletBean(FrameworkServlet.java:462)
at org.springframework.web.servlet.HttpServletBean.init(HttpServletBean.java:136)
at javax.servlet.GenericServlet.init(GenericServlet.java:160)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1280)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1091)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5176)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5460)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:695)