Spring MVC, Spring Security, Simply Require Username_问答_开发者

Spring MVC, Spring Security, Simply Require Username

开发者 https://www.devze.com 2023-04-03 07:38 出处：网络

I have a Spring 3 M开发者_如何转开发VC website using Spring Security 3.1.0RC2. Currently I am using the org.springframework.security.ldap.authentication.ad.ActiveDirectoryAuthenticationProvider for lo

I have a Spring 3 M开发者_如何转开发VC website using Spring Security 3.1.0RC2. Currently I am using the org.springframework.security.ldap.authentication.ad.ActiveDirectoryAuthenticationProvider for log-in. For demo purposes, my boss just wants to have to enter a username (any username) and not have it validated against anything, instead, just grant access. Is there some way I can make sure the user entered a username and that's it?

Why not just write your own AuthenticationProvider.

class MyAuthProvider implements AuthenticationProvider {
    public Authentication authenticate(Authentication authentication) {
        // add code to populate GrantedAuthority list if needed.
        Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(new GrantedAuthorityImpl("ROLE_1"));
        authorities.add(new GrantedAuthorityImpl("ROLE_2"));
        authorities.add(new GrantedAuthorityImpl("ROLE_3"));
        return new UsernamePasswordAuthenticationToken(
            authentication.getPrincipal(), 
            authentication.getCredentials(), 
            authorities);

    }

    public boolean supports(Class<?> authentication) {
        return true;
    }
}

In your spring security config:

<security:authentication-manager>
    <security:authentication-provider ref="myAuthenticationProvider" />
</security:authentication-manager>
<bean id="myAuthenticationProvider" class="MyAuthProvider"/>

UPDATE 1 See above for how to add authorities (granted roles) to the user.