问题描述

在我正在工作的项目中，我们根据角色ID(而不是角色描述)进行身份验证，并且此映射存储在数据库中.

In the project I am working we authenticate based on role ids rather than role description and this mapping is stored in the database.

我的问题是，如何删除Spring Security的RoleVoter前缀以实现上述设计?

My question is, How do I remove Spring Security's RoleVoter prefix to implement the design as above?

推荐答案

Spring安全性RoleVoter需要一个前缀以区分作为角色的已授予权限，请参阅此以获取更多详细信息.

Spring security RoleVoterneeds a prefix in order to distinguish the granted authorities that are roles, see this answer for further details.

如果要更改此设置，可以始终提供自己的自定义AccessDecisionManager and configure it with a custom RoleVoter`.

If you want to change this, you can always provide your own custom AccessDecisionManager and configure it with a customRoleVoter`.

这是此类自定义访问决策管理器的示例:

This is an example of such a custom access decision manager:

public class MyAccessDecisionManager  extends AffirmativeBased {


    public MyAccessDecisionManager() {
        super();
        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
        RoleVoter roleVoter = new MyCustomRoleVoter();
        decisionVoters.add(roleVoter);
        AuthenticatedVoter authenticatedVoter = new AuthenticatedVoter();
        decisionVoters.add(authenticatedVoter);
        setDecisionVoters(decisionVoters);

    }

并用于代替默认访问决策管理器:

And for using it in place of the default access decision manager:

<bean id="myAccessDecisionManager" class="full.package.name.MyAccessDecisionManager" />

<security:http access-decision-manager-ref="myAccessDecisionManager">
    ...
</security:http>

这篇关于Spring Security删除RoleVoter前缀的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！