Spring Security（七）：2.4 Getting Spring Security

時間 2019-11-19

標籤 spring security 2.4 getting 欄目 Spring 简体版

原文原文鏈接

You can get hold of Spring Security in several ways. You can download a packaged distribution from the main Spring Security page, download individual jars from the Maven Central repository (or a Spring Maven repository for snapshot and milestone releases) or, alternatively, you can build the project from source yourself.html

您能夠經過多種方式得到Spring Security。您能夠從Spring Security主頁面下載打包的發行版，從Maven Central存儲庫（或Spring Maven存儲庫下載快照和里程碑版本）下載單個jar，或者，您也能夠本身從源代碼構建項目。

2.4.1 Usage with Maven (使用Maven)

A minimal Spring Security Maven set of dependencies typically looks like the following:java

最小的Spring Security Maven依賴項一般以下所示：

pom.xml

<dependencies>
<!-- ... other dependency elements ... -->
<dependency>
	<groupId>org.springframework.security</groupId>
	<artifactId>spring-security-web</artifactId>
	<version>4.2.10.RELEASE</version>
</dependency>
<dependency>
	<groupId>org.springframework.security</groupId>
	<artifactId>spring-security-config</artifactId>
	<version>4.2.10.RELEASE</version>
</dependency>
</dependencies>

If you are using additional features like LDAP, OpenID, etc. you will need to also include the appropriate Section 2.4.3, 「Project Modules」.　　web

若是您正在使用LDAP，OpenID等其餘功能，則還須要包含相應的第2.4.3節「項目模塊」。

Maven Repositories

All GA releases (i.e. versions ending in .RELEASE) are deployed to Maven Central, so no additional Maven repositories need to be declared in your pom.spring

全部GA版本（即以.RELEASE結尾的版本）都部署到Maven Central，所以不須要在您的pom中聲明其餘Maven存儲庫。

If you are using a SNAPSHOT version, you will need to ensure you have the Spring Snapshot repository defined as shown below:

若是您使用的是SNAPSHOT版本，則須要確保定義了Spring Snapshot存儲庫，以下所示：

pom.xml.

<repositories>
<!-- ... possibly other repository elements ... -->
<repository>
	<id>spring-snapshot</id>
	<name>Spring Snapshot Repository</name>
	<url>http://repo.spring.io/snapshot</url>
</repository>
</repositories>

If you are using a milestone or release candidate version, you will need to ensure you have the Spring Milestone repository defined as shown below:apache

若是您使用里程碑或候選發佈版本，則須要確保已定義Spring Milestone存儲庫，以下所示：

pom.xml

<repositories>
<!-- ... possibly other repository elements ... -->
<repository>
	<id>spring-milestone</id>
	<name>Spring Milestone Repository</name>
	<url>http://repo.spring.io/milestone</url>
</repository>
</repositories>

Spring Framework Bom (良好的spring框架)

Spring Security builds against Spring Framework 4.3.21.RELEASE, but should work with 4.0.x. The problem that many users will have is that Spring Security’s transitive dependencies resolve Spring Framework 4.3.21.RELEASE which can cause strange classpath problems.api

Spring Security針對Spring Framework 4.3.21.RELEASE構建，但應該與4.0.x一塊兒使用。許多用戶將遇到的問題是Spring Security的傳遞依賴性解決了Spring Framework 4.3.21.RELEASE，它可能致使奇怪的類路徑問題。

One (tedious) way to circumvent this issue would be to include all the Spring Framework modules in a <dependencyManagement> section of your pom. An alternative approach is to include the spring-framework-bomwithin your <dependencyManagement> section of your pom.xml as shown below:

解決此問題的一種（繁瑣）方法是將全部Spring Framework模塊包含在pom的<dependencyManagement>部分中。另外一種方法是將spring-framework-bom包含在pom.xml的<dependencyManagement>部分中，以下所示：

pom.xml

<dependencyManagement>
	<dependencies>
	<dependency>
		<groupId>org.springframework</groupId>
		<artifactId>spring-framework-bom</artifactId>
		<version>4.3.21.RELEASE</version>
		<type>pom</type>
		<scope>import</scope>
	</dependency>
	</dependencies>
</dependencyManagement>

This will ensure that all the transitive dependencies of Spring Security use the Spring 4.3.21.RELEASE modules.app

這將確保Spring Security的全部傳遞依賴項都使用Spring 4.3.21.RELEASE模塊。

This approach uses Maven’s "bill of materials" (BOM) concept and is only available in Maven 2.0.9+. For additional details about how dependencies are resolved refer to Maven’s Introduction to the Dependency Mechanism documentation.

這種方法使用Maven的「物料清單」（BOM）概念，僅適用於Maven 2.0.9+。有關如何解析依賴關係的其餘詳細信息，請參閱Maven的依賴關係機制簡介文檔。

2.4.2 Gradle

A minimal Spring Security Gradle set of dependencies typically looks like the following:框架

最小的Spring Security Gradle依賴項集一般以下所示：

build.gradle.

dependencies {
	compile 'org.springframework.security:spring-security-web:4.2.10.RELEASE'
	compile 'org.springframework.security:spring-security-config:4.2.10.RELEASE'
}

Gradle Repositories

All GA releases (i.e. versions ending in .RELEASE) are deployed to Maven Central, so using the mavenCentral() repository is sufficient for GA releases.maven

全部GA版本（即以.RELEASE結尾的版本）都部署到Maven Central，所以使用mavenCentral（）存儲庫足以支持GA版本。

repositories {
	mavenCentral()
}

If you are using a SNAPSHOT version, you will need to ensure you have the Spring Snapshot repository defined as shown below:ide

若是您使用的是SNAPSHOT版本，則須要確保定義了Spring Snapshot存儲庫，以下所示：

build.gradle.

repositories {
	maven { url 'https://repo.spring.io/snapshot' }
}

If you are using a milestone or release candidate version, you will need to ensure you have the Spring Milestone repository defined as shown below:

若是您使用里程碑或候選發佈版本，則須要確保已定義Spring Milestone存儲庫，以下所示：

build.gradle.

repositories {
	maven { url 'https://repo.spring.io/milestone' }
}

Using Spring 4.0.x and Gradle

By default Gradle will use the newest version when resolving transitive versions. This means that often times no additional work is necessary when running Spring Security 4.2.10.RELEASE with Spring Framework 4.3.21.RELEASE. However, at times there can be issues that come up so it is best to mitigate this using Gradle’s ResolutionStrategy as shown below:

默認狀況下，Gradle將在解析傳遞版本時使用最新版本。這意味着在使用Spring Framework 4.3.21.RELEASE運行Spring Security 4.2.10.RELEASE時，一般不須要額外的工做。可是，有時可能會出現問題，所以最好使用Gradle的ResolutionStrategy來緩解這個問題，以下所示：

build.gradle.

configurations.all {
	resolutionStrategy.eachDependency { DependencyResolveDetails details ->
		if (details.requested.group == 'org.springframework') {
			details.useVersion '4.3.21.RELEASE'
		}
	}
}

This will ensure that all the transitive dependencies of Spring Security use the Spring 4.3.21.RELEASE modules.

這將確保Spring Security的全部傳遞依賴項都使用Spring 4.3.21.RELEASE模塊。

This example uses Gradle 1.9, but may need modifications to work in future versions of Gradle since this is an incubating feature within Gradle.

此示例使用Gradle 1.9，但可能須要修改才能在Gradle的將來版本中使用，由於這是Gradle中的孵化功能。