当前位置: 代码迷 >> 综合 >> SpringSecurity------InitializeUserDetailsBeanManagerConfigurer类
  详细解决方案

SpringSecurity------InitializeUserDetailsBeanManagerConfigurer类

热度:38   发布时间:2023-12-20 23:13:13.0

SpringSecurity------InitializeUserDetailsBeanManagerConfigurer类

    • 一、作用
    • 二、源码分析

一、作用

为AuthenticationManagerBuilder添加一个InitializeUserDetailsManagerConfigurer配置器。如果容器中没有用于构建AuthenticationManager的AuthenticationProvider,也没有为AuthenticationManagerBuilder设置parent AuthenticationManager时,尝试使用容器中类型为 UserDetailsService 的bean构造一个 DaoAuthenticationProvider 并设置到 AuthenticationManagerBuilder 上, 当然,如果容器中连 UserDetailsService bean 也不存在,则InitializeUserDetailsManagerConfigurer 什么都不做直接返回。InitializeUserDetailsManagerConfigurer 构建 DaoAuthenticationProvider 时,如果容器中存在PasswordEncoder , UserDetailsPasswordService 也会将它们应用到 DaoAuthenticationProvider 。

二、源码分析

package org.springframework.security.config.annotation.authentication.configuration;import org.springframework.context.ApplicationContext;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.userdetails.UserDetailsPasswordService;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;/*** Lazily initializes the global authentication with a {@link UserDetailsService} if it is* not yet configured and there is only a single Bean of that type. Optionally, if a* {@link PasswordEncoder} is defined will wire this up too.** @author Rob Winch* @since 4.1*/
@Order(InitializeUserDetailsBeanManagerConfigurer.DEFAULT_ORDER)
class InitializeUserDetailsBeanManagerConfigurer extends GlobalAuthenticationConfigurerAdapter {
    static final int DEFAULT_ORDER = Ordered.LOWEST_PRECEDENCE - 5000;private final ApplicationContext context;/*** @param context*/InitializeUserDetailsBeanManagerConfigurer(ApplicationContext context) {
    this.context = context;}@Overridepublic void init(AuthenticationManagerBuilder auth) throws Exception {
    auth.apply(new InitializeUserDetailsManagerConfigurer());}class InitializeUserDetailsManagerConfigurer extends GlobalAuthenticationConfigurerAdapter {
    @Overridepublic void configure(AuthenticationManagerBuilder auth) throws Exception {
    if (auth.isConfigured()) {
    return;}UserDetailsService userDetailsService = getBeanOrNull(UserDetailsService.class);if (userDetailsService == null) {
    return;}PasswordEncoder passwordEncoder = getBeanOrNull(PasswordEncoder.class);UserDetailsPasswordService passwordManager = getBeanOrNull(UserDetailsPasswordService.class);DaoAuthenticationProvider provider = new DaoAuthenticationProvider();provider.setUserDetailsService(userDetailsService);if (passwordEncoder != null) {
    provider.setPasswordEncoder(passwordEncoder);}if (passwordManager != null) {
    provider.setUserDetailsPasswordService(passwordManager);}provider.afterPropertiesSet();auth.authenticationProvider(provider);}/*** @return a bean of the requested class if there's just a single registered* component, null otherwise.*/private <T> T getBeanOrNull(Class<T> type) {
    String[] beanNames = InitializeUserDetailsBeanManagerConfigurer.this.context.getBeanNamesForType(type);if (beanNames.length != 1) {
    return null;}return InitializeUserDetailsBeanManagerConfigurer.this.context.getBean(beanNames[0], type);}}}
  相关解决方案