【免费】SpringSecurity资源-CSDN文库

Spring

Security

需积分: 0 85 浏览量 2008-09-29 18:22:30 上传评论 1 收藏 351KB PDF 举报

资源详情

资源评论

资源推荐

Acegi Security

Reference Documentation

1.0.7

Ben Alex

Table of Contents

Preface ............................................................................................................................................v

I. Overall Architecture ...................................................................................................................1

1. Introduction ........................................................................................................................2

1.1. What is Acegi Security? ..........................................................................................2

1.2. History .....................................................................................................................3

1.3. Release Numbering .................................................................................................4

2. Technical Overview ...........................................................................................................5

2.1. Runtime Environment .............................................................................................5

2.2. Shared Components ................................................................................................5

2.3. Authentication .........................................................................................................7

2.4. Secure Objects ........................................................................................................9

2.5. Conclusion ............................................................................................................11

3. Supporting Infrastructure .................................................................................................12

3.1. Localization ...........................................................................................................12

3.2. Filters ....................................................................................................................13

4. Channel Security ..............................................................................................................16

4.1. Overview ...............................................................................................................16

4.2. Configuration ........................................................................................................16

4.3. Conclusion ............................................................................................................17

5. Tag Libraries ....................................................................................................................19

5.1. Overview ...............................................................................................................19

5.2. Configuration ........................................................................................................19

5.3. Usage .....................................................................................................................19

II. Authentication .........................................................................................................................20

6. Common Authentication Services ...................................................................................21

6.1. Mechanisms, Providers and Entry Points .............................................................21

6.2. UserDetails and Associated Types ........................................................................23

6.2.1. In-Memory Authentication ........................................................................24

6.2.2. JDBC Authentication .................................................................................25

6.3. Concurrent Session Handling ...............................................................................25

6.4. Authentication Tag Libraries ................................................................................26

7. DAO Authentication Provider .........................................................................................27

7.1. Overview ...............................................................................................................27

7.2. Configuration ........................................................................................................27

8. Java Authentication and Authorization Service (JAAS) Provider ...................................29

8.1. Overview ...............................................................................................................29

8.2. Configuration ........................................................................................................29

8.2.1. JAAS CallbackHandler ..............................................................................29

8.2.2. JAAS AuthorityGranter .............................................................................30

9. Siteminder Authentication Mechanism ............................................................................31

9.1. Overview ...............................................................................................................31

9.2. Configuration ........................................................................................................31

10. Run-As Authentication Replacement ............................................................................33

10.1. Overview .............................................................................................................33

10.2. Configuration ......................................................................................................33

11. Form Authentication Mechanism ..................................................................................35

11.1. Overview .............................................................................................................35

Acegi Security 1.0.7 ii

11.2. Configuration ......................................................................................................35

12. BASIC Authentication Mechanism ...............................................................................36

12.1. Overview .............................................................................................................36

12.2. Configuration ......................................................................................................36

13. Digest Authentication ....................................................................................................37

13.1. Overview .............................................................................................................37

13.2. Configuration ......................................................................................................38

14. Anonymous Authentication ...........................................................................................39

14.1. Overview .............................................................................................................39

14.2. Configuration ......................................................................................................39

15. Remember-Me Authentication .......................................................................................41

15.1. Overview .............................................................................................................41

15.2. Configuration ......................................................................................................41

16. X509 Authentication ......................................................................................................43

16.1. Overview .............................................................................................................43

16.2. Using X509 with Acegi Security ........................................................................43

16.3. Configuration ......................................................................................................44

17. LDAP Authentication ....................................................................................................45

17.1. Overview .............................................................................................................45

17.2. Using LDAP with Acegi Security .......................................................................45

17.2.1. LdapAuthenticator Implementations .......................................................45

17.2.2. Connecting to the LDAP Server ..............................................................46

17.2.3. LDAP Search Objects ..............................................................................46

17.3. Configuration ......................................................................................................47

18. CAS Authentication .......................................................................................................48

18.1. Overview .............................................................................................................48

18.2. How CAS Works ................................................................................................48

18.3. Optional CAS Server Setup ................................................................................51

18.3.1. CAS Version 2.0 ......................................................................................51

18.3.2. CAS Version 3.0 ......................................................................................52

18.4. Configuration of CAS Client ..............................................................................53

18.5. Advanced Issues ..................................................................................................56

19. Container Adapter Authentication .................................................................................57

19.1. Overview .............................................................................................................57

19.2. Adapter Authentication Provider ........................................................................57

19.3. Jetty .....................................................................................................................58

19.4. JBoss ...................................................................................................................59

19.5. Resin ...................................................................................................................60

19.6. Tomcat ................................................................................................................61

III. Authorization .........................................................................................................................63

20. Common Authorization Concepts ..................................................................................64

20.1. Authorities ...........................................................................................................64

20.2. Pre-Invocation Handling .....................................................................................64

20.3. After Invocation Handling ..................................................................................67

20.3.1. ACL-Aware AfterInvocationProviders ....................................................68

20.3.2. ACL-Aware AfterInvocationProviders (old ACL module) .....................69

20.4. Authorization Tag Libraries ................................................................................69

21. Secure Object Implementations .....................................................................................71

21.1. AOP Alliance (MethodInvocation) Security Interceptor ....................................71

21.2. AspectJ (JoinPoint) Security Interceptor ............................................................73

21.3. FilterInvocation Security Interceptor ..................................................................75

22. Domain Object Security .................................................................................................78

Acegi Security

Acegi Security 1.0.7 iii

Preface

Acegi Security provides a comprehensive security solution for J2EE-based enterprise software

applications. As you will discover as you venture through this reference guide, we have tried to

provide you a useful and highly configurable security system.

Security is an ever-moving target, and it's important to pursue a comprehensive, system-wide

approach. In security circles we encourage you to adopt "layers of security", so that each layer tries to

be as secure as possible in its own right, with successive layers providing additional security. The

"tighter" the security of each layer, the more robust and safe your application will be. At the bottom

level you'll need to deal with issues such as transport security and system identification, in order to

mitigate man-in-the-middle attacks. Next you'll generally utilise firewalls, perhaps with VPNs or IP

security to ensure only authorised systems can attempt to connect. In corporate environments you may

deploy a DMZ to separate public-facing servers from backend database and application servers. Your

operating system will also play a critical part, addressing issues such as running processes as

non-privileged users and maximising file system security. An operating system will usually also be

configured with its own firewall. Hopefully somewhere along the way you'll be trying to prevent

denial of service and brute force attacks against the system. An intrusion detection system will also be

especially useful for monitoring and responding to attacks, with such systems able to take protective

action such as blocking offending TCP/IP addresses in real-time. Moving to the higher layers, your

Java Virtual Machine will hopefully be configured to minimize the permissions granted to different

Java types, and then your application will add its own problem domain-specific security configuration.

Acegi Security makes this latter area - application security - much easier.

Of course, you will need to properly address all security layers mentioned above, together with

managerial factors that encompass every layer. A non-exhaustive list of such managerial factors

would include security bulletin monitoring, patching, personnel vetting, audits, change control,

engineering management systems, data backup, disaster recovery, performance benchmarking, load

monitoring, centralised logging, incident response procedures etc.

With Acegi Security being focused on helping you with the enterprise application security layer, you

will find that there are as many different requirements as there are business problem domains. A

banking application has different needs from an ecommerce application. An ecommerce application

has different needs from a corporate sales force automation tool. These custom requirements make

application security interesting, challenging and rewarding.

This reference guide has been largely restructured for the 1.0.0 release of Acegi Security. Please read

Part I, Overall Architecture, in its entirety. The remaining parts of the reference guide are structured in

a more traditional reference style, designed to be read on an as-required basis.

We hope that you find this reference guide useful, and we welcome your feedback and suggestions.

Finally, welcome to the Acegi Security community.

Acegi Security 1.0.7 v

剩余94页未读，继续阅读

评论收藏

内容反馈

alcorluna

粉丝: 1
资源: 21

Spring Security

评论0

最新资源

Spring Security

评论0

SpringSecurity.zip

springSecurity

SpringSecurity项目

springsecurity

Spring_Security

Spring_Security_3

Security

Spring Security二

Spring Security 3

安卓期末大作业（AndroidStudio开发），垃圾分类助手app，分为前台后台，代码有注释，均能正常运行

Notepad++安装包

SwitchHosts

微信小程序源码-合集1.rar

2024北森能力测评题库.7z

ruoyi-vue-pro开发指南PDF下载

ruoyi-vue-pro 芋道源码项目的表结构

最新资源