spring security梳理
核心服務:AuthenticationManager,UserDetailsService和AccessDecisionManagerjava
The AuthenticationManager, ProviderManager and AuthenticationProvider
AuthenticationManager是一個接口,它默認的實現類是ProviderManager,ProviderManager 並非本身直接對請求進行驗證,而是將其委派給一個AuthenticationProvider 列表。web
spring-security.xml中配置spring
Web應用程序的安全性
The Security Filter Chain
在web.xml配置DelegatingFilterProxy。api
<filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
DelegatingFilterProxy這個類自己與springsecurity無關。它的做用是充當代理,將Spring應用程序上下文中的bean委託給servlet 容器中的filter,將其關聯起來。安全
DelegatingFilterProxy類繼承於抽象類GenericFilterBean,間接地implement 了javax.servlet.Filter接口。session
Servlet容器在啓動時,首先會調用Filter的init方法。app
GenericFilterBean的做用主要是能夠把Filter的初始化參數自動地set到繼承於GenericFilterBean類的Filter中去。ide
| Alias | Filter Class | Namespace Element or Attribute |
|---|---|---|
| CHANNEL_FILTERui |
|
|
| SECURITY_CONTEXT_FILTER |
|
|
| CONCURRENT_SESSION_FILTER |
|
|
| HEADERS_FILTER |
|
|
| CSRF_FILTER |
|
|
| LOGOUT_FILTER |
|
|
| X509_FILTER |
|
|
| PRE_AUTH_FILTER |
|
N/A |
| CAS_FILTER |
|
N/A |
| FORM_LOGIN_FILTER |
|
|
| BASIC_AUTH_FILTER |
|
|
| SERVLET_API_SUPPORT_FILTER |
|
|
| JAAS_API_SUPPORT_FILTER |
|
|
| REMEMBER_ME_FILTER |
|
|
| ANONYMOUS_FILTER |
|
|
| SESSION_MANAGEMENT_FILTER |
|
|
| EXCEPTION_TRANSLATION_FILTER |
|
|
| FILTER_SECURITY_INTERCEPTOR |
|
|
| SWITCH_USER_FILTER |
|
N/A |
- 1. Spring Security 認證流程梳理
- 2. Spring Security 初始化流程梳理
- 3. Spring Security啓動加載流程梳理
- 4. Spring Security五:Spring security原理
- 5. spring security 原理
- 6. Spring Boot+Spring Security:原理
- 7. spring security 管理 httpsession
- 8. Spring Security——session管理
- 9. spring security session管理
- 10. Spring data jpa 梳理
- 更多相關文章...
- • Spring JDK動態代理(附帶實例) - Spring教程
- • Spring CGLlB動態代理(附帶實例) - Spring教程
- • Docker 清理命令
- • Spring Cloud 微服務實戰(三) - 服務註冊與發現
-
每一个你不满意的现在,都有一个你没有努力的曾经。