问题
If I understand correctly, when I configured Spring Security an instance of FilterSecurityInterceptor was created automatically. I would like to set the alwaysReauthenticate property to true, but I don't want to create my own FilterSecurityInterceptor or configure my own custom filter chain. Is there a way to do this?
Update: May 01, 2012 Based on the comment below I came up with this code, which is working just as desired:
public class ForceAuthCheckinator implements BeanPostProcessor {
@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if (beanName.contains("FilterSecurityInterceptor")) {
((FilterSecurityInterceptor bean).setAlwaysReauthenticate(true);
}
return bean;
}
}
Then in my application context file I added this single line, which activated the class and wired it into place:
<bean class="com.mydomain.ForceAuthCheckinator"/>
Thanks for the help.
回答1:
A typical solution for this kind of problems is to create a BeanPostProcessor that will intercept initialization of FilterSecurityInterceptor bean and apply necessary customizations to it.
来源:https://stackoverflow.com/questions/10322026/set-property-of-filtersecurityinterceptor-without-creating-custom-filter