Scribd Logo
Unggah

Selamat datang di Scribd!

  • Xcareunpwd

    Diunggah oleh

    mpramod16
    14 tayangan2 halaman
    Spring Security Namespace makes security configuration so easy that it's not worth writing anything further. If you need to configure this stuff explicitly by wiring up your own beans, here's what you'll need to do:!--you need to define portMapperImpl and portResolverImpl like this: and then the configuration that forces the login page to be SSL.

    Deskripsi Asli:

    Judul Asli

    xcareunpwd

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    TXT, PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    Spring Security Namespace makes security configuration so easy that it's not worth writing anything further. If you need to configure this stuff explicitly by wiring up your own beans, here's what you'll need to do:!--you need to define portMapperImpl and portResolverImpl like this: and then the configuration that forces the login page to be SSL.

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai TXT, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    14 tayangan2 halaman

    Xcareunpwd

    Diunggah oleh

    mpramod16
    Spring Security Namespace makes security configuration so easy that it's not worth writing anything further. If you need to configure this stuff explicitly by wiring up your own beans, here's what you'll need to do:!--you need to define portMapperImpl and portResolverImpl like this: and then the configuration that forces the login page to be SSL.

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai TXT, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 2

    9638200170

    123456789

    :pserver:yvemanna@192.168.1.14:/cvs/cvsuser/repository

    /opt/wacos/oss_tools/interfaces/xcare/Oracle/Interfaces/ServerConf/bin

    How to force HTTPS on the login page with Spring Authentication and a soy bean m
    using
    The Easy Way
    Just use the Spring Security Namespace. It makes security configuration so easy
    that it's not worth me writing anything further about it.
    The Hard Way
    Ok, so like me you are working in a huge enterprise or government department som
    ewhere, and they think they can do security better than Spring.
    For whatever reason, if you need to configure this stuff explicitly by wiring up
    your own beans, here's what you'll need to do:
    You probably have something like this:
    <bean id="security.local.AuthenticationEntryPoint" class="org.springframework.se
    curity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="l
    oginFormUrl" value="/public/login.html"/> <property name="forceHttps" value="
    false"/></bean>
    You need to change it to this:
    <bean id="security.local.AuthenticationEntryPoint" class="org.springframework.se
    curity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="lo
    ginFormUrl" value="/public/login.html"/> <property name="forceHttps" value="tr
    ue"/> <property name="serverSideRedirect" value="false"/> <property name="po
    rtMapper" ref="portMapperImpl"/> <property name="portResolver" ref="portResolv
    erImpl"/></bean>
    Then you need to define portMapperImpl and portResolverImpl like this:
    <bean id="portResolverImpl" class="org.springframework.security.util.PortResolve
    rImpl"> <property name="portMapper" ref="portMapperImpl"/></bean> <bean id="p
    ortMapperImpl" class="org.springframework.security.util.PortMapperImpl"> <pro
    perty name="portMappings"> <map> <!--Mappings for all servers
    can be listed here - Spring just wants to know how which HTTPS port belongs to e
    ach HTTP port --> <entry key="8080" value="8443"/> <entry
    key="80" value="443"/> <!--SysTest--> <entry key="7001" va
    lue="7002"/> <!--Prod--> <entry key="8001" value="8002"/>
    <!--Sandpit--> <entry key="8051" value="8052"/> </m
    ap> </property></bean>
    And then the configuration that forces the login page to be SSL:
    <bean id="channelProcessingFilter" class="org.springframework.security.securecha
    nnel.ChannelProcessingFilter"> <property name="channelDecisionManager" ref="c
    hannelDecisionManager"/> <property name="filterInvocationDefinitionSource">
    <security:filter-invocation-definition-source path-type="ant">
    <!--You can configure further rules here about which pages should use SSL.-->
    <security:intercept-url pattern="/public/login.html" access="REQUIRES_S
    ECURE_CHANNEL"/> </security:filter-invocation-definition-source> </pro
    perty></bean> <bean id="channelDecisionManager" class="org.springframework.secur
    ity.securechannel.ChannelDecisionManagerImpl"> <property name="channelProcess
    ors"> <list> <ref bean="secureChannelProcessor"/> <
    ref bean="insecureChannelProcessor"/> </list> </property></bean> <bean
    id="secureChannelProcessor" class="org.springframework.security.securechannel.S
    ecureChannelProcessor"/><bean id="insecureChannelProcessor" class="org.springfra
    mework.security.securechannel.InsecureChannelProcessor"/>
    I've just realized that tofu is over-rated. It's just a curd to me.
    Posted by Daniel Alexiuc at 2:52 PM Email This BlogThis! Share to Twitter Share
    to Facebook Share to Google Buzz
    Reactions:
    0 comments:
    Post a Comment
    Newer Post Older Post Home
    Subscribe to: Post Comments (Atom)

    Anda mungkin juga menyukai