In XML configuration, I can use security
namespace to enable support for security, such as:
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticator" />
</security:authentication-manager>
<security:global-method-security pre-post-annotations="enabled" />
<bean id="authenticator"
class="org.springframework.security.authentication.TestingAuthenticationProvider" />
I try to use Spring without XML, with only @Configuration
classes. What is the plain Java equivalent of such configuration as the XML sample above?
EDIT: In December 2013 Spring Security 3.2 was released and Java Configuration was implemented, so above XML is roughly equivalent to:
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final AuthenticationManagerBuilder auth)
throws Exception {
auth.authenticationProvider(authenticator());
super.configure(auth);
}
@Bean
public AuthenticationProvider authenticator() {
return new TestingAuthenticationProvider();
}
}
Old answer from 2012:
Unfortunately, there isn't any. Check this answer (posted half year ago by Spring Security lead dev):
There currently is no easy way to do Spring Security configuration with Java configuration. You must know what the namespace does behind the scenes making it difficult and error prone. For this reason, I would recommend sticking with the Spring Security namespace configuration.
One option is to contribute to an unofficial project - Scalasec - which provides Scala-based configuration and was described in this post on SpringSource blog. Again, this is not recommended for production since project seems to be abandoned. I want to experiment with this project some day but have no spare time currently :(
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With