Tag: digest authentication

使用JavaConfig示例的Spring Security Digest Auth

如何使用javaconfig（无XML）专门为摘要式身份validation配置Spring 4.0和Spring Security（3.2.0）？ 我使用下面的配置类，但所有请求都被HTTP 401拒绝，“Nonce应该产生两个令牌，但是（…消息就在那里停止）”。 @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) public class SecurityConfigurationDigest extends WebSecurityConfigurerAdapter { @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser(“user”).password(“password”).roles(“USER”); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers(“/**”).authenticated().and().addFilter(digestAuthenticationFilter(digestEntryPoint())); } @Override @Bean public UserDetailsService userDetailsServiceBean() throws Exception { return super.userDetailsServiceBean(); } public DigestAuthenticationFilter digestAuthenticationFilter(DigestAuthenticationEntryPoint digestAuthenticationEntryPoint) throws Exception { DigestAuthenticationFilter […]

org.apache.zookeeper.KeeperException $ InvalidACLException：KeeperErrorCode = / f的InvalidACL

我正在使用zookeeper 3.4.6，我正在使用acl以便使用zookeeper服务器进行身份validation。 我有自己的实现ZooKeeperSupport ，它支持创建，删除和validationznode。 我正在尝试使用acl创建一个znode ，但在代码zooKeeperSupport.create(“/f”, DATA_F);这一部分中失败抛出InvalidACLException zooKeeperSupport.create(“/f”, DATA_F); 我基于这个项目来做zookeeper-acl-sample ，但我想使用digest auth因为使用user和password BasicMockZookeeperSecurity public class BasicMockZookeeperSecurity { @Resource (name = “zooKeeperSupportFactory”) protected ZooKeeperSupportFactory zooKeeperSupportFactory; public static final byte[] DATA_F = “data for znode /f”.getBytes(Charsets.UTF_8); public static final byte[] DATA_B = “data for znode /b”.getBytes(Charsets.UTF_8); @Before public void setup() throws Exception { System.setProperty(“curator-dont-log-connection-problems”, “true”); System.setProperty(“zookeeper.security.user”, “user”); […]

使用REST和Javaconfig在Spring Security中消化Auth

我在使用spring security设置摘要式身份validation时遇到问题： 我的安全配置： @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private UserService userService; @Override @Bean public UserDetailsService userDetailsServiceBean() { return userService; } @Override protected void configure(AuthenticationManagerBuilder registry) throws Exception { registry.userDetailsService(userDetailsServiceBean()); } @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers(“/resources/**”); } @Override protected void configure(HttpSecurity http) throws Exception { […]