SEC-659: Added authentication-manager element to allow users to define an alias for the internal authentication manager.

This commit is contained in:
Luke Taylor 2008-02-01 14:25:07 +00:00
parent 86f7b47fac
commit 298546014a
6 changed files with 60 additions and 2 deletions

View File

@ -0,0 +1,32 @@
package org.springframework.security.config;
import org.springframework.beans.factory.xml.BeanDefinitionParser;
import org.springframework.beans.factory.xml.ParserContext;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
/**
* Just registers an alias name for the default ProviderManager used by the namespace
* configuration, allowing users to reference it in their beans and clearly see where the name is
* coming from.
*
* @author Luke Taylor
* @version $Id$
*/
public class AuthenticationManagerBeanDefinitionParser implements BeanDefinitionParser {
private static final String ATT_ALIAS = "alias";
public BeanDefinition parse(Element element, ParserContext parserContext) {
String alias = element.getAttribute(ATT_ALIAS);
if (!StringUtils.hasText(alias)) {
parserContext.getReaderContext().error(ATT_ALIAS + " is required.", element );
}
parserContext.getRegistry().registerAlias(BeanIds.AUTHENTICATION_MANAGER, alias);
return null;
}
}

View File

@ -10,7 +10,10 @@ package org.springframework.security.config;
*/
public abstract class BeanIds {
/** Package protected as end users shouldn't really be using this BFPP directly */
/** External alias for FilterChainProxy bean, for use in web.xml files */
public static final String SPRING_SECURITY_FILTER_CHAIN = "springSecurityFilterChain";
/** Package protected as end users shouldn't really be using this BFPP directly */
static final String INTERCEPT_METHODS_BEAN_FACTORY_POST_PROCESSOR = "_interceptMethodsBeanfactoryPP";
static final String CONTEXT_SOURCE_SETTING_POST_PROCESSOR = "_contextSettingPostProcessor";
static final String HTTP_POST_PROCESSOR = "_httpConfigBeanFactoryPostProcessor";

View File

@ -8,7 +8,8 @@ package org.springframework.security.config;
*/
abstract class Elements {
public static final String USER_SERVICE = "user-service";
public static final String AUTHENTICATION_MANAGER = "authentication-manager";
public static final String USER_SERVICE = "user-service";
public static final String JDBC_USER_SERVICE = "jdbc-user-service";
public static final String FILTER_CHAIN_MAP = "filter-chain-map";
public static final String INTERCEPT_METHODS = "intercept-methods";

View File

@ -22,6 +22,7 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
registerBeanDefinitionParser(Elements.JDBC_USER_SERVICE, new JdbcUserServiceBeanDefinitionParser());
registerBeanDefinitionParser(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
registerBeanDefinitionParser(Elements.ANNOTATION_DRIVEN, new AnnotationDrivenBeanDefinitionParser());
registerBeanDefinitionParser(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser());
// Decorators
registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator());

View File

@ -266,6 +266,13 @@ x509.attlist &=
## Explicitly specifies which user-service should be used to load user data for X.509 authenticated clients. If ommitted, the default user-service will be used.
user-service-ref?
authentication-manager =
## If you are using namespace configuration with Spring Security, an AuthenticationManager will automatically be registered. This element simple allows you to define an alias to allow you to reference the authentication-manager in your own beans.
element authentication-manager {authman.attlist}
## The alias you wish to use for the AuthenticationManager bean
authman.attlist &=
attribute alias {xsd:ID}
authentication-provider =
## Indicates that the contained user-service should be used as an authentication source.
element authentication-provider {ap.attlist & (user-service | jdbc-user-service | ldap-user-service) & password-encoder}

View File

@ -622,6 +622,20 @@
</xs:annotation>
</xs:attribute>
</xs:attributeGroup>
<xs:element name="authentication-manager">
<xs:annotation>
<xs:documentation>If you are using namespace configuration with Spring Security, an AuthenticationManager will automatically be registered. This element simple allows you to define an alias to allow you to reference the authentication-manager in your own beans. </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attributeGroup ref="security:authman.attlist"/>
</xs:complexType>
</xs:element>
<xs:attributeGroup name="authman.attlist">
<xs:annotation>
<xs:documentation>The alias you wish to use for the AuthenticationManager bean</xs:documentation>
</xs:annotation>
<xs:attribute name="alias" use="required" type="xs:ID"/>
</xs:attributeGroup>
<xs:element name="authentication-provider">
<xs:annotation>
<xs:documentation>Indicates that the contained user-service should be used as an authentication source. </xs:documentation>