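Spring Security 自带的 SiteMinder 预认证支持只负责接收用户名。如果还需要角色,就必须扩展身份验证流程,使其在认证用户的同时带上角色。需要注意的是,下面的过滤器直接信任 SM_USER 和 SM_ROLE 请求头,因此只有当所有请求都必须经过 SiteMinder 代理、并且该代理会覆盖或删除客户端自带的同名请求头时,这种做法才是安全的。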
在 root-security.xml 中:
<!--
  NOTE(review): none of the <beans:bean> elements below carries a class attribute as
  shown here; it appears to have been lost from the listing. Each bean needs its class
  set before this configuration can load. This fragment also does not show where
  siteminderFilter is registered in the filter chain.
-->

<!-- User-details service that the wrapper bean below refers to. -->
<beans:bean id="userDetailsService" />

<!-- Pre-authentication provider; it obtains user details through a wrapper around userDetailsService. -->
<beans:bean id="preauthAuthProvider" >
    <beans:property name="preAuthenticatedUserDetailsService">
        <beans:bean id="userDetailsServiceWrapper" >
            <beans:property name="userDetailsService" ref="userDetailsService" />
        </beans:bean>
    </beans:property>
</beans:bean>

<!--
  Filter that takes the user name from SM_USER and a comma-separated role list from
  SM_ROLE. Both values come straight from request headers, so the application must only
  be reachable through the SiteMinder agent, and that agent must overwrite or strip any
  client-supplied copies of these headers.
-->
<beans:bean id="siteminderFilter" >
    <beans:property name="principalRequestHeader" value="SM_USER" />
    <beans:property name="rolesRequestHeader" value="SM_ROLE" />
    <beans:property name="rolesDelimiter" value="," />
    <beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>

<!-- Authentication manager backed by the pre-authentication provider defined above. -->
<authentication-manager alias="authenticationManager">
    <authentication-provider ref="preauthAuthProvider" />
</authentication-manager>
SiteMinderUserDetailsService
/**
 * User-details service for SiteMinder pre-authenticated requests.
 *
 * <p>It performs no lookup of its own: the user name it is given is copied into a new
 * {@link SiteMinderUserDetails}, and creation from a token is left to the superclass.
 */
public class SiteMinderUserDetailsService extends PreAuthenticatedGrantedAuthoritiesUserDetailsService
        implements UserDetailsService {

    /**
     * Creates a {@link SiteMinderUserDetails} that carries the supplied user name.
     * No authorities are set here and the name is not checked against any store.
     *
     * @param arg0 the user name to place in the returned details
     * @return a new details object holding {@code arg0} as its user name
     * @throws UsernameNotFoundException declared by the interface; not thrown by this body
     */
    @Override
    public UserDetails loadUserByUsername(String arg0) throws UsernameNotFoundException {
        final SiteMinderUserDetails details = new SiteMinderUserDetails();
        details.setUsername(arg0);
        return details;
    }

    /**
     * Hands the token and authorities to the superclass without modification.
     *
     * <p>NOTE(review): the method name has to match the superclass method exactly for
     * {@code @Override} to compile; check the spelling against the Spring Security
     * version in use.
     *
     * @param token the pre-authenticated token
     * @param authorities the authorities to attach to the user
     * @return whatever the superclass builds for these arguments
     */
    @Override
    protected UserDetails createuserDetails(Authentication token,
            Collection<? extends GrantedAuthority> authorities) {
        final UserDetails created = super.createuserDetails(token, authorities);
        return created;
    }
}
SiteMinderUserDetails
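/**
 * {@link UserDetails} implementation for SiteMinder pre-authenticated users.
 *
 * <p>The listing leaves the body out. Written on a single line, the original comment
 * also swallowed the closing brace; it is restored on its own line here.
 */
public class SiteMinderUserDetails implements UserDetails {
    // implement all methods
    //
    // In addition to the UserDetails interface methods, SiteMinderFilter and
    // SiteMinderUserDetailsService call setUsername(String) on this type, and
    // SiteMinderFilter calls setAuthorities(...) with a collection of
    // SimpleGrantedAuthority, so both setters are needed.
}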
SiteMinderFilter
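/**
 * Pre-authentication filter for applications fronted by SiteMinder: reads the user name
 * and a delimited role list from request headers and stores an authenticated token built
 * from them in the security context.
 *
 * <p>Both headers are taken from the request as-is. They are only trustworthy when every
 * request reaches the application through the SiteMinder agent and that agent overwrites
 * or removes any client-supplied copies of them; otherwise the caller controls the user
 * name and the roles this filter grants.
 */
public class SiteMinderFilter extends RequestHeaderAuthenticationFilter {

    /** Name of the request header that carries the role list. */
    private String rolesRequestHeader;

    /** Separator between roles in the header value; passed to {@link String#split(String)}. */
    private String rolesDelimiter;

    public SiteMinderFilter() {
        super();
    }

    /**
     * Builds an authenticated token from the principal and roles headers, stores it in
     * the security context and continues the chain through the parent filter.
     *
     * <p>If the parent returns no (or a blank) principal, this filter does not mark the
     * request authenticated itself and only delegates to the parent. A missing roles
     * header yields an empty authority list instead of a NullPointerException.
     *
     * @param request the incoming request; must be an {@link HttpServletRequest}
     * @param response the response
     * @param chain the remaining filter chain
     * @throws IOException propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException, NullPointerException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;

        String username = (String) super.getPreAuthenticatedPrincipal(httpRequest);
        if (username == null || username.trim().length() == 0) {
            // Never build an authenticated token without a user name; let the parent
            // filter apply its own handling for this request.
            super.doFilter(request, response, chain);
            return;
        }

        Collection<SimpleGrantedAuthority> auth =
                parseAuthorities(httpRequest.getHeader(getRolesRequestHeader()));

        SiteMinderUserDetails userDetails = new SiteMinderUserDetails();
        userDetails.setUsername(username);
        userDetails.setAuthorities(auth);

        AuthenticationImpl authentication = new AuthenticationImpl();
        authentication.setAuthenticated(true);
        authentication.setAuthorities(auth);
        authentication.setPrincipal(userDetails);
        authentication.setCredentials(super.getPreAuthenticatedCredentials(httpRequest));

        // NOTE(review): the context is populated before the parent runs, so the parent
        // presumably skips its own authentication step and the configured authentication
        // manager is not consulted for this request. Confirm that this is intended.
        SecurityContextHolder.getContext().setAuthentication(authentication);

        super.doFilter(request, response, chain);
    }

    /**
     * Splits the roles header into authorities, trimming each entry and dropping empty
     * ones so that values such as "A, B" or "A,,B" do not produce blank or padded roles.
     */
    private Collection<SimpleGrantedAuthority> parseAuthorities(String rolesHeader) {
        Collection<SimpleGrantedAuthority> auth = new ArrayList<SimpleGrantedAuthority>();
        if (rolesHeader == null) {
            return auth;
        }
        // split() treats rolesDelimiter as a regular expression, as the original code did.
        for (String s : rolesHeader.split(rolesDelimiter)) {
            String role = s.trim();
            if (role.length() > 0) {
                auth.add(new SimpleGrantedAuthority(role));
            }
        }
        return auth;
    }

    /** Passes the principal header name through to the parent; kept so it can be set as a bean property here. */
    @Override
    public void setPrincipalRequestHeader(String principalRequestHeader) {
        super.setPrincipalRequestHeader(principalRequestHeader);
    }

    /** Sets the name of the header that carries the role list. */
    public void setRolesRequestHeader(String rolesRequestHeader) {
        this.rolesRequestHeader = rolesRequestHeader;
    }

    /** Returns the name of the header that carries the role list. */
    public String getRolesRequestHeader() {
        return rolesRequestHeader;
    }

    /** Sets the separator used to split the role list. */
    public void setRolesDelimiter(String rolesDelimiter) {
        this.rolesDelimiter = rolesDelimiter;
    }

    /** Returns the separator used to split the role list. */
    public String getRolesDelimiter() {
        return rolesDelimiter;
    }
}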
AuthenticationImpl
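/**
 * {@link Authentication} implementation that SiteMinderFilter fills from request headers.
 *
 * <p>The listing leaves the body out. Written on a single line, the original comment
 * also swallowed the closing brace; it is restored on its own line here.
 */
public class AuthenticationImpl implements Authentication {
    // implement all methods
    //
    // In addition to the Authentication interface methods, SiteMinderFilter calls
    // setAuthorities(...), setPrincipal(...) and setCredentials(...) on this type, and
    // it calls setAuthenticated(true) directly, so this class is what decides whether
    // a token may be marked authenticated.
}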