• Spring Security(十五):5.6 Authentication


    Thus far we have only taken a look at the most basic authentication configuration. Let’s take a look at a few slightly more advanced options for configuring authentication.到目前为止,我们只看了最基本的身份验证配置。我们来看一些稍微更高级的配置身份验证选项。

    5.6.1 In-Memory Authentication

    We have already seen an example of configuring in-memory authentication for a single user. Below is an example to configure multiple users:

    我们已经看到了为单个用户配置内存中身份验证的示例。以下是配置多个用户的示例:
     
    @Bean
    public UserDetailsService userDetailsService() throws Exception {
    	InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
    	manager.createUser(User.withUsername("user").password("password").roles("USER").build());
    	manager.createUser(User.withUsername("admin").password("password").roles("USER","ADMIN").build());
    	return manager;
    }
    

    5.6.2 JDBC Authentication

    You can find the updates to support JDBC based authentication. The example below assumes that you have already defined a DataSource within your application. The jdbc-javaconfig sample provides a complete example of using JDBC based authentication.

    您可以找到支持基于JDBC的身份验证的更新。下面的示例假定您已在应用程序中定义了一个DataSource。 jdbc-javaconfig示例提供了使用基于JDBC的身份验证的完整示例。
     
    @Autowired
    private DataSource dataSource;
    
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    	auth
    		.jdbcAuthentication()
    			.dataSource(dataSource)
    			.withDefaultSchema()
    			.withUser("user").password("password").roles("USER").and()
    			.withUser("admin").password("password").roles("USER", "ADMIN");
    }
    

    5.6.3 LDAP Authentication

    You can find the updates to support LDAP based authentication. The ldap-javaconfig sample provides a complete example of using LDAP based authentication.

    您可以找到支持基于LDAP的身份验证的更新。 ldap-javaconfig示例提供了使用基于LDAP的身份验证的完整示例。
     
    @Autowired
    private DataSource dataSource;
    
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    	auth
    		.ldapAuthentication()
    			.userDnPatterns("uid={0},ou=people")
    			.groupSearchBase("ou=groups");
    }
    

    The example above uses the following LDIF and an embedded Apache DS LDAP instance.

    上面的示例使用以下LDIF和嵌入式Apache DS LDAP实例。
     
    users.ldif. 
    dn: ou=groups,dc=springframework,dc=org
    objectclass: top
    objectclass: organizationalUnit
    ou: groups
    
    dn: ou=people,dc=springframework,dc=org
    objectclass: top
    objectclass: organizationalUnit
    ou: people
    
    dn: uid=admin,ou=people,dc=springframework,dc=org
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: Rod Johnson
    sn: Johnson
    uid: admin
    userPassword: password
    
    dn: uid=user,ou=people,dc=springframework,dc=org
    objectclass: top
    objectclass: person
    objectclass: organizationalPerson
    objectclass: inetOrgPerson
    cn: Dianne Emu
    sn: Emu
    uid: user
    userPassword: password
    
    dn: cn=user,ou=groups,dc=springframework,dc=org
    objectclass: top
    objectclass: groupOfNames
    cn: user
    uniqueMember: uid=admin,ou=people,dc=springframework,dc=org
    uniqueMember: uid=user,ou=people,dc=springframework,dc=org
    
    dn: cn=admin,ou=groups,dc=springframework,dc=org
    objectclass: top
    objectclass: groupOfNames
    cn: admin
    uniqueMember: uid=admin,ou=people,dc=springframework,dc=org
    

    5.6.4 AuthenticationProvider

    You can define custom authentication by exposing a custom AuthenticationProvider as a bean. For example, the following will customize authentication assuming that SpringAuthenticationProvider implements AuthenticationProvider:

    您可以通过将自定义AuthenticationProvider公开为bean来定义自定义身份验证。例如,假设SpringAuthenticationProvider实现AuthenticationProvider,以下将自定义身份验证:
     

    This is only used if the AuthenticationManagerBuilder has not been populated

    仅在尚未填充AuthenticationManagerBuilder时使用此选项
    @Bean
    public SpringAuthenticationProvider springAuthenticationProvider() {
    	return new SpringAuthenticationProvider();
    }
    

    5.6.5 UserDetailsService

    You can define custom authentication by exposing a custom UserDetailsService as a bean. For example, the following will customize authentication assuming that SpringDataUserDetailsService implements UserDetailsService:

    您可以通过将自定义UserDetailsS​​ervice公开为bean来定义自定义身份验证。例如,假设SpringDataUserDetailsS​​ervice实现UserDetailsS​​ervice,以下将自定义身份验证:
     

    This is only used if the AuthenticationManagerBuilder has not been populated and no AuthenticationProviderBean is defined.

    仅在尚未填充AuthenticationManagerBuilder且未定义AuthenticationProviderBean时才使用此选项。
     
    @Bean
    public SpringDataUserDetailsService springDataUserDetailsService() {
    	return new SpringDataUserDetailsService();
    }
    

    You can also customize how passwords are encoded by exposing a PasswordEncoder as a bean. For example, if you use bcrypt you can add a bean definition as shown below:

    您还可以通过将PasswordEncoder作为bean公开来自定义密码的编码方式。例如,如果使用bcrypt,则可以添加bean定义,如下所示:
     
    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
    	return new BCryptPasswordEncoder();
    }
    

    5.6.6 LDAP Authentication

  • 相关阅读:
    【C#高级】泛型(一)
    【C#】RGB转CMYK
    C#读写Excel
    H5+MUI上传文件
    完整登录流程包含第三方登录,很详细值得推荐
    [MVC]多文件、超大文件上传
    [SQL Server] 无法连接到本地数据库
    “System.OutOfMemoryException”类型的异常在 mscorlib.dll 中发生,但未在用户代码中进行处理
    MVC缓存(二)
    MVC缓存(一)
  • 原文地址:https://www.cnblogs.com/shuaiandjun/p/10134312.html
Copyright © 2020-2023  润新知