Spring Security(七):2.4 Getting Spring Security

You can get hold of Spring Security in several ways. You can download a packaged distribution from the main Spring Security page, download individual jars from the Maven Central repository (or a Spring Maven repository for snapshot and milestone releases) or, alternatively, you can build the project from source yourself.

您可以通过多种方式获得Spring Security。您可以从Spring Security主页面下载打包的发行版,从Maven Central存储库(或Spring Maven存储库下载快照和里程碑版本)下载单个jar,或者,您也可以自己从源代码构建项目。

2.4.1 Usage with Maven (使用Maven)

A minimal Spring Security Maven set of dependencies typically looks like the following:

最小的Spring Security Maven依赖项通常如下所示:

pom.xml

<dependencies>
<!-- ... other dependency elements ... -->
<dependency>
	<groupId>org.springframework.security</groupId>
	<artifactId>spring-security-web</artifactId>
	<version>4.2.10.RELEASE</version>
</dependency>
<dependency>
	<groupId>org.springframework.security</groupId>
	<artifactId>spring-security-config</artifactId>
	<version>4.2.10.RELEASE</version>
</dependency>
</dependencies>

If you are using additional features like LDAP, OpenID, etc. you will need to also include the appropriate Section 2.4.3, “Project Modules”.  

Maven Repositories

All GA releases (i.e. versions ending in .RELEASE) are deployed to Maven Central, so no additional Maven repositories need to be declared in your pom.

所有GA版本(即以.RELEASE结尾的版本)都部署到Maven Central,因此不需要在您的pom中声明其他Maven存储库。

If you are using a SNAPSHOT version, you will need to ensure you have the Spring Snapshot repository defined as shown below:

如果您使用的是SNAPSHOT版本,则需要确保定义了Spring Snapshot存储库,如下所示:

pom.xml. 

<repositories>
<!-- ... possibly other repository elements ... -->
<repository>
	<id>spring-snapshot</id>
	<name>Spring Snapshot Repository</name>
	<url>http://repo.spring.io/snapshot</url>
</repository>
</repositories>

If you are using a milestone or release candidate version, you will need to ensure you have the Spring Milestone repository defined as shown below:

如果您使用里程碑或候选发布版本,则需要确保已定义Spring Milestone存储库,如下所示:

pom.xml

<repositories>
<!-- ... possibly other repository elements ... -->
<repository>
	<id>spring-milestone</id>
	<name>Spring Milestone Repository</name>
	<url>http://repo.spring.io/milestone</url>
</repository>
</repositories>

Spring Framework Bom (良好的spring框架)

Spring Security builds against Spring Framework 4.3.21.RELEASE, but should work with 4.0.x. The problem that many users will have is that Spring Security’s transitive dependencies resolve Spring Framework 4.3.21.RELEASE which can cause strange classpath problems.

Spring Security针对Spring Framework 4.3.21.RELEASE构建,但应该与4.0.x一起使用。许多用户将遇到的问题是Spring Security的传递依赖性解决了Spring Framework 4.3.21.RELEASE,它可能导致奇怪的类路径问题。

One (tedious) way to circumvent this issue would be to include all the Spring Framework modules in a <dependencyManagement> section of your pom. An alternative approach is to include the spring-framework-bomwithin your <dependencyManagement> section of your pom.xml as shown below:

解决此问题的一种(繁琐)方法是将所有Spring Framework模块包含在pom的<dependencyManagement>部分中。另一种方法是将spring-framework-bom包含在pom.xml的<dependencyManagement>部分中,如下所示:

pom.xml

<dependencyManagement>
	<dependencies>
	<dependency>
		<groupId>org.springframework</groupId>
		<artifactId>spring-framework-bom</artifactId>
		<version>4.3.21.RELEASE</version>
		<type>pom</type>
		<scope>import</scope>
	</dependency>
	</dependencies>
</dependencyManagement>

This will ensure that all the transitive dependencies of Spring Security use the Spring 4.3.21.RELEASE modules.

这将确保Spring Security的所有传递依赖项都使用Spring 4.3.21.RELEASE模块。

This approach uses Maven’s "bill of materials" (BOM) concept and is only available in Maven 2.0.9+. For additional details about how dependencies are resolved refer to Maven’s Introduction to the Dependency Mechanism documentation.

这种方法使用Maven的“物料清单”(BOM)概念,仅适用于Maven 2.0.9+。有关如何解析依赖关系的其他详细信息,请参阅Maven的依赖关系机制简介文档。

2.4.2 Gradle

A minimal Spring Security Gradle set of dependencies typically looks like the following:

最小的Spring Security Gradle依赖项集通常如下所示:

build.gradle. 

dependencies {
	compile ‘org.springframework.security:spring-security-web:4.2.10.RELEASE‘
	compile ‘org.springframework.security:spring-security-config:4.2.10.RELEASE‘
}

 

Gradle Repositories

All GA releases (i.e. versions ending in .RELEASE) are deployed to Maven Central, so using the mavenCentral() repository is sufficient for GA releases.

所有GA版本(即以.RELEASE结尾的版本)都部署到Maven Central,因此使用mavenCentral()存储库足以支持GA版本。

repositories {
	mavenCentral()
}

If you are using a SNAPSHOT version, you will need to ensure you have the Spring Snapshot repository defined as shown below:

如果您使用的是SNAPSHOT版本,则需要确保定义了Spring Snapshot存储库,如下所示:

build.gradle. 

repositories {
	maven { url ‘https://repo.spring.io/snapshot‘ }
}

 

If you are using a milestone or release candidate version, you will need to ensure you have the Spring Milestone repository defined as shown below:

如果您使用里程碑或候选发布版本,则需要确保已定义Spring Milestone存储库,如下所示:

build.gradle. 

repositories {
	maven { url ‘https://repo.spring.io/milestone‘ }
}

Using Spring 4.0.x and Gradle

By default Gradle will use the newest version when resolving transitive versions. This means that often times no additional work is necessary when running Spring Security 4.2.10.RELEASE with Spring Framework 4.3.21.RELEASE. However, at times there can be issues that come up so it is best to mitigate this using Gradle’s ResolutionStrategy as shown below:

默认情况下,Gradle将在解析传递版本时使用最新版本。这意味着在使用Spring Framework 4.3.21.RELEASE运行Spring Security 4.2.10.RELEASE时,通常不需要额外的工作。但是,有时可能会出现问题,因此最好使用Gradle的ResolutionStrategy来缓解这个问题,如下所示:

build.gradle. 

configurations.all {
	resolutionStrategy.eachDependency { DependencyResolveDetails details ->
		if (details.requested.group == ‘org.springframework‘) {
			details.useVersion ‘4.3.21.RELEASE‘
		}
	}
}

This will ensure that all the transitive dependencies of Spring Security use the Spring 4.3.21.RELEASE modules.

这将确保Spring Security的所有传递依赖项都使用Spring 4.3.21.RELEASE模块。

This example uses Gradle 1.9, but may need modifications to work in future versions of Gradle since this is an incubating feature within Gradle.

此示例使用Gradle 1.9,但可能需要修改才能在Gradle的未来版本中使用,因为这是Gradle中的孵化功能。

原文地址:https://www.cnblogs.com/shuaiandjun/p/10127876.html

时间: 2024-10-09 06:03:29

Spring Security(七):2.4 Getting Spring Security的相关文章

Spring Security 3.2.x与Spring 4.0.x的Maven依赖管理

原文链接: Spring Security with Maven原文日期: 2013年04月24日翻译日期: 2014年06月29日翻译人员: 铁锚 1. 概述 本文通过实例为您介绍怎样使用 Maven 管理 Spring Security 和 Spring 的依赖关系.最新的Spring Security公布版本号能够在 Maven Central仓库 中找到. 译者建议訪问MVNRespotory中org.springframework.security链接.本文是 使用Maven管理Spr

Spring Security 入门(1-12)Spring Security - remember me!

Remember-Me 功能 概述 Remember-Me 是指网站能够在 Session 之间记住登录用户的身份,具体来说就是我成功认证一次之后在一定的时间内我可以不用再输入用户名和密码进行登录了,系统会自动给我登录.这通常是通过服务端发送一个 cookie 给客户端浏览器,下次浏览器再访问服务端时服务端能够自动检测客户端的 cookie,根据 cookie 值触发自动登录操作.Spring Security 为这些操作的发生提供必要的钩子,并且针对于 Remember-Me 功能有两种实现.

Spring Security 入门(1-9)Spring Security - 拦截 url

intercept-url配置 通过 pattern属性 指定拦截的 url 通过access属性指定url的访问权限 其中,access 的值是一个字符串,其可以直接是一个权限的定义,也可以是一个表达式. <security:http use-expressions="true">     <security:form-login />     <security:logout />     <security:intercept-url p

Spring Security 入门(1-13)Spring Security - Session管理

session 管理 Spring Security 通过 http 元素下的子元素 session-management 提供了对 Http Session 管理的支持. 检测 session 超时 Spring Security 可以在用户使用已经超时的 sessionId 进行请求时将用户引导到指定的页面.这个可以通过如下配置来实现. <security:http> ... <!-- session 管理,invalid-session-url 指定使用已经超时的 sessionI

学习Spring Cloud中eureka注册中心添加security认证,eureka client注册启动报错

最近使用SpringCloud在eureka server端添加security登录认证之后,eureka client注册启动一直报错,大概意思是未发现eureka server,导致注册启动失败! 1 2018-08-09 14:50:06.042 WARN 13256 --- [nfoReplicator-0] c.n.discovery.InstanceInfoReplicator : There was a problem with the instance info replicat

spring学习七 spring和dynamic project进行整合

spring和web项目进行整合,其实就是在项目启动时,就创建spring容器,然后在servlet中使用spring容器进行开. 注意:为了页面可以访问到servlet,因此servlet必须放进tomcat或者类似的服务器容器中,如果把servlet放进spring容器中,前端页面是无法访问的 第一步:导入spring-web.jar包,因为有一些别的依赖关系,还需要导入spring-tx.jar,spring-aop.jar等包 第二步:编写web.xml配置文件 在web.xml配置一个

spring cloud (七) Config server基于svn配置

1 pom.xml <?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM

Spring Boot 揭秘与实战 附录 - Spring Boot 公共配置

Spring Boot 公共配置,配置 application.properties/application.yml 文件中. 摘自:http://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html # =================================================================== # COMMON SPRING

Spring Security3 - MVC 整合教程 (初识Spring Security3)

下面我们将实现关于Spring Security3的一系列教程.最终的目标是整合Spring Security + Spring3MVC完成类似于SpringSide3中mini-web的功能. Spring Security是什么? 引用 Spring Security,这是一种基于Spring AOP和Servlet过滤器的安全框架.它提供全面的安全性解决方案,同时在Web请求级和方法调用级处理身份确认和授权.在Spring Framework基础上,Spring Security充分利用了

响应式Spring的道法术器(Spring WebFlux 快速上手 + 全面介绍)

1. Spring WebFlux 2小时快速入门 Spring 5 之使用Spring WebFlux开发响应式应用. lambda与函数式(15min) Reactor 3 响应式编程库(60min) Spring Webflux和Spring Data Reactive开发响应式应用(45min) 通过以上内容相信可以对Spring 5.0 推出的响应式开发有了初步的体会.如果希望有更加深入的了解,欢迎阅读下边的系列文章-- 2. 响应式Spring的道法术器 这个系列的文章是为了记录下自