Using Spring Security to protect CXF business methods

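A quick note for the record. Spring Security 2.0 does not currently support Spring 2.5.
Add two interceptors to CXF.
Authentication uses HTTP Basic auth. The first interceptor extracts the username and password, builds an Authentication object, and stores it in the SecurityContextHolder: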

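    import java.util.List;
    import java.util.Map;

    import org.apache.commons.codec.binary.Base64;
    import org.apache.commons.logging.Log;
    import org.apache.commons.logging.LogFactory;
    import org.apache.cxf.helpers.CastUtils;
    import org.apache.cxf.interceptor.Fault;
    import org.apache.cxf.message.Message;
    import org.apache.cxf.phase.AbstractPhaseInterceptor;
    import org.apache.cxf.phase.Phase;
    import org.springframework.security.Authentication;
    import org.springframework.security.AuthenticationException;
    import org.springframework.security.AuthenticationManager;
    import org.springframework.security.context.SecurityContextHolder;
    import org.springframework.security.providers.UsernamePasswordAuthenticationToken;

    public class SecurityInInterceptor extends AbstractPhaseInterceptor<Message> {
        private static final Log logger = LogFactory.getLog(SecurityInInterceptor.class);

        private AuthenticationManager authenticationManager;

        public void setAuthenticationManager(AuthenticationManager authenticationManager) {
            this.authenticationManager = authenticationManager;
        }

        public SecurityInInterceptor() {
            // Run just before the service method is invoked.
            super(Phase.INVOKE);
        }

        public void handleMessage(Message message) throws Fault {
            // Find the Authorization header (header names are case-insensitive).
            String baseAuth = null;
            Map<String, List<String>> reqHeaders =
                    CastUtils.cast((Map<?, ?>) message.get(Message.PROTOCOL_HEADERS));
            if (reqHeaders != null) {
                for (Map.Entry<String, List<String>> e : reqHeaders.entrySet()) {
                    if ("Authorization".equalsIgnoreCase(e.getKey())
                            && e.getValue() != null && !e.getValue().isEmpty()) {
                        baseAuth = e.getValue().get(0);
                    }
                }
            }
            if ((baseAuth != null) && baseAuth.startsWith("Basic ")) {
                byte[] base64Token;
                String username = "";
                String password = "";
                try {
                    // Decode "Basic <base64(username:password)>".
                    base64Token = baseAuth.substring(6).getBytes("UTF-8");
                    String token = new String(Base64.decodeBase64(base64Token), "UTF-8");

                    // Split on the first colon; the password may contain ':'.
                    int delim = token.indexOf(":");
                    if (delim != -1) {
                        username = token.substring(0, delim);
                        password = token.substring(delim + 1);
                    }
                    Authentication authResult = authenticationManager.authenticate(
                            new UsernamePasswordAuthenticationToken(username, password));
                    if (logger.isDebugEnabled()) {
                        logger.debug("Authentication success: " + authResult.toString());
                    }
                    // Make the authenticated principal visible to method security.
                    SecurityContextHolder.getContext().setAuthentication(authResult);
                } catch (AuthenticationException failed) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("Authentication request for user '" + username
                                + "' failed: " + failed.toString());
                    }
                    SecurityContextHolder.clearContext();
                    throw new Fault(failed);
                } catch (Exception e) {
                    SecurityContextHolder.getContext().setAuthentication(null);
                    throw new Fault(e);
                }
            }
        }
    }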
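An added example, not code from the original post: a stand-alone version of the header parsing done in handleMessage above, which rejects malformed input before anything reaches the AuthenticationManager. The class BasicCredentials and its parse method are hypothetical names, and it assumes Java 8+ (java.util.Base64 instead of Commons Codec); the sample headers are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Added example: hypothetical helper, not part of the original post, CXF or Spring Security.
public final class BasicCredentials {
    public final String username;
    public final String password;

    private BasicCredentials(String username, String password) {
        this.username = username;
        this.password = password;
    }

    /** Returns the parsed credentials, or null if the header is absent or malformed. */
    public static BasicCredentials parse(String header) {
        // The scheme name is case-insensitive (RFC 7617), so match "basic " in any case.
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) {
            return null;
        }
        byte[] decoded;
        try {
            decoded = Base64.getDecoder().decode(header.substring(6).trim());
        } catch (IllegalArgumentException notBase64) {
            return null; // payload is not valid Base64
        }
        String token = new String(decoded, StandardCharsets.UTF_8);
        // Split on the first colon only: the password may itself contain ':'.
        int delim = token.indexOf(':');
        if (delim <= 0) {
            return null; // no separator, or empty user name
        }
        return new BasicCredentials(token.substring(0, delim), token.substring(delim + 1));
    }

    public static void main(String[] args) {
        // Constructed sample headers.
        String ok = "basic " + Base64.getEncoder()
                .encodeToString("melin:12:34".getBytes(StandardCharsets.UTF_8));
        BasicCredentials c = parse(ok);
        System.out.println(c.username + " / " + c.password);
        System.out.println(parse("Basic !!!not-base64!!!"));
        System.out.println(parse("Basic " + Base64.getEncoder()
                .encodeToString("nocolon".getBytes(StandardCharsets.UTF_8))));
        System.out.println(parse("Bearer abc"));
    }
}
```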



The second interceptor clears the SecurityContextHolder:

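    import org.apache.cxf.interceptor.Fault;
    import org.apache.cxf.message.Message;
    import org.apache.cxf.phase.AbstractPhaseInterceptor;
    import org.apache.cxf.phase.Phase;
    import org.springframework.security.context.SecurityContextHolder;

    public class SecurityOutInterceptor extends AbstractPhaseInterceptor<Message> {

        public SecurityOutInterceptor() {
            // Run when the response is sent.
            super(Phase.SEND);
        }

        public void handleMessage(Message message) throws Fault {
            // Drop the authentication so it does not stay bound to the thread.
            SecurityContextHolder.clearContext();
        }
    }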


Below are two ways to configure this:


xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">


expression="execution(* com.javaeye.springSecurity.HelloWorld+.*(..))"/>

admin=admin,ROLE_ADMIN
melin=123456,ROLE_USER

class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
false


Using the security namespace


xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">


The example is in the attachment; add the required JARs and it will run.
Run ServerJetty.java directly to start a Jetty server for convenient testing.
