如何在 Spring Security 中指定 Open ID Realm?
我们在应用程序中使用 Spring security,支持基于用户名/密码的身份验证以及基于 Open id 的身份验证。
问题是 google 为指定的返回 url 提供了不同的 open id,并且我们的应用程序中至少有 2 个不同的入口点,从这些入口点将 open id 配置到我们的系统中。
因此我们决定使用开放 ID 领域。
https://blog.stackoverflow.com/2009/0...ue-per-domain /
http://groups.google.com /group/googl...unts-api?pli=1
如何将领域集成到我们的 spring 配置/代码中? 这就是我们在传统 openid 库代码中的做法:
AuthRequest authReq = ConsumerManager.authenticate(discovered, someReturnToUrl,"http://www.example.com");
这可以工作并为我们网站的不同网址提供相同的开放 ID。
我们的配置:
代码:
...
<http auto-config="false">
<!-- <intercept-url> tags are here -->
<remember-me user-service-ref="someRememberedService" key="some key" />
<form-login login-page="/Login.html" authentication-failure-url="/Login.html?error=true" always-use-default-target="false" default-target-url="/MainPage.html"/>
<openid-login authentication-failure-url="/Login.html?error=true" always-use-default-target="true" default-target-url="/MainPage.html" user-service-ref="someOpenIdUserService"/>
</http>
...
<beans:bean id="openIdAuthenticationProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
<custom-authentication-provider />
<beans:property name="userDetailsService" ref="openIdUserService"/>
</beans:bean>
<beans:bean id="openIdUserService" class="some.package.OpenIDUserDetailsService">
</beans:bean>
...
We are using Spring security in our application with support for username / password based authentication as well as Open id based authentication.
The issue is that google gives a different open id for the return url specified and we have at least 2 different entry points in our application from where open id is configured into our system.
Hence we decided to use open id realm.
https://blog.stackoverflow.com/2009/0...ue-per-domain/
http://groups.google.com/group/googl...unts-api?pli=1
how is it possible to integrate realm into our spring configuration/code ?
This is how we are doing it in traditional openid library code:
AuthRequest authReq = consumerManager.authenticate(discovered, someReturnToUrl,"http://www.example.com");
This works and gives same open id for different urls from our site.
our configuration:
Code:
...
<http auto-config="false">
<!-- <intercept-url> tags are here -->
<remember-me user-service-ref="someRememberedService" key="some key" />
<form-login login-page="/Login.html" authentication-failure-url="/Login.html?error=true" always-use-default-target="false" default-target-url="/MainPage.html"/>
<openid-login authentication-failure-url="/Login.html?error=true" always-use-default-target="true" default-target-url="/MainPage.html" user-service-ref="someOpenIdUserService"/>
</http>
...
<beans:bean id="openIdAuthenticationProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
<custom-authentication-provider />
<beans:property name="userDetailsService" ref="openIdUserService"/>
</beans:bean>
<beans:bean id="openIdUserService" class="some.package.OpenIDUserDetailsService">
</beans:bean>
...
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这个问题确实很老了,没有一个答案就让它死去真是太可惜了。
有几个教程,主要针对 SS 版本 3:
教程 1:Spring Security 3 - 使用 Google 提供商进行 OpenID 登录
教程 2:使用 Spring Security 和 Spring Roo 探索 Google 和 OpenID 登录
This question is really old, it's a shame to let it die without a single answer.
There are several tutorials, mostly for SS Version 3:
Tutorial 1: Spring Security 3 - OpenID Login with Google Provider
Tutorial 2: Exploring Google and OpenID login with Spring Security and Spring Roo