SEC-1460: Documentation of changes.

Luke Taylor 2010-04-22 16:15:43 +01:00
parent dada047e04
commit 82bbd09b71
2 changed files with 29 additions and 11 deletions

View File

@ -431,11 +431,20 @@
<para> Similar to <literal>&lt;form-login&gt;</literal> and has the same attributes. The <para> Similar to <literal>&lt;form-login&gt;</literal> and has the same attributes. The
default value for <literal>login-processing-url</literal> is default value for <literal>login-processing-url</literal> is
"/j_spring_openid_security_check". An "/j_spring_openid_security_check". An
<classname>OpenIDAuthenticationFilter</classname> and <classname>OpenIDAuthenticationFilter</classname> and
<classname>OpenIDAuthenticationProvider</classname> will be registered. The latter <classname>OpenIDAuthenticationProvider</classname> will be registered. The
requires a reference to a <interfacename>UserDetailsService</interfacename>. Again, latter requires a reference to a <interfacename>UserDetailsService</interfacename>.
this can be specified by Id, using the <literal>user-service-ref</literal> Again, this can be specified by Id, using the <literal>user-service-ref</literal>
attribute, or will be located automatically in the application context. </para> attribute, or will be located automatically in the application context. </para>
<section>
<title>The <literal>&lt;attribute-exchange></literal> Element</title>
<para>The <literal>attribute-exchange</literal> element defines the list of
attributes which should be requested from the identity provider. More than one
can be used, in which case each must have an <literal>identifier-match</literal>
attribute, containing a regular expression which is matched against the supplied
OpenID identifer. This allows different attribute lists to be fetched from
different providers (Google, Yahoo etc).</para>
</section>
</section> </section>
<section xml:id="nsa-logout"> <section xml:id="nsa-logout">
<title>The <literal>&lt;logout&gt;</literal> Element</title> <title>The <literal>&lt;logout&gt;</literal> Element</title>

View File

@ -548,20 +548,29 @@
</attribute-exchange> </attribute-exchange>
</openid-login>]]></programlisting>The <quote>type</quote> of each OpenID attribute is a URI, </openid-login>]]></programlisting>The <quote>type</quote> of each OpenID attribute is a URI,
determined by a particular schema, in this case <link determined by a particular schema, in this case <link
xlink:href="http://axschema.org/">http://axschema.org/</link>. If an attribute xlink:href="http://axschema.org/">http://axschema.org/</link>. If an
must be retrieved for successful authentication, the <literal>required</literal> attribute must be retrieved for successful authentication, the
attribute can be set. The exact schema and attributes supported will depend on <literal>required</literal> attribute can be set. The exact schema and
your OpenID provider. The attribute values are returned as part of the attributes supported will depend on your OpenID provider. The attribute values
authentication process and can be accessed afterwards using the following code: are returned as part of the authentication process and can be accessed
afterwards using the following code:
<programlisting language="java"> <programlisting language="java">
OpenIDAuthenticationToken token = OpenIDAuthenticationToken token =
(OpenIDAuthenticationToken)SecurityContextHolder.getContext().getAuthentication(); (OpenIDAuthenticationToken)SecurityContextHolder.getContext().getAuthentication();
List&lt;OpenIDAttribute> attributes = token.getAttributes();</programlisting>The List&lt;OpenIDAttribute> attributes = token.getAttributes();</programlisting>The
<classname>OpenIDAttribute</classname> contains the attribute type and the <classname>OpenIDAttribute</classname> contains the attribute type and the
retrieved value (or values in the case of multi-valued attributes). We'll see retrieved value (or values in the case of multi-valued attributes). We'll see
more about how the <classname>SecurityContextHolder</classname> class is used more about how the <classname>SecurityContextHolder</classname> class is used
when we look at core Spring Security components in the <link when we look at core Spring Security components in the <link
xlink:href="core-components">technical overview</link> chapter.</para> xlink:href="core-components">technical overview</link> chapter. Multiple
attribute exchange configurations are also be supported, if you wish to use
multiple identity providers. You can supply multiple
<literal>attribute-exchange</literal> elements, using an
<literal>identifier-matcher</literal> attribute on each. This contains a
regular expression which will be matched against the OpenID identifier supplied
by the user. See the OpenID sample application in the codebase for an example
configuration, providing different attribute lists for the Google, Yahoo and
MyOpenID providers.</para>
</section> </section>
</section> </section>
<section xml:id="ns-custom-filters"> <section xml:id="ns-custom-filters">
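Review bot: The added paragraph names the attribute `identifier-matcher`, while the text added in the other file of this commit calls it `identifier-match`; only one of these can be the real attribute name, so both files should be aligned with the schema. In the same paragraph, "Multiple attribute exchange configurations are also be supported" should read "are also supported". It would also help to say what happens when the user's identifier matches none of the expressions, or more than one, since the paragraph leaves that case open.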