[Spring Security] An Simple example configuration
Spring an Security configuration Simple Example
2023-09-14 09:00:46 时间
package com.example.ec.security; import com.example.ec.repo.RoleRepository; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @Configuration @EnableGlobalMethodSecurity(prePostEnabled = true) public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { @Autowired RoleRepository roleRepository; @Override protected void configure(HttpSecurity http) throws Exception { // Entry points http.authorizeRequests() .antMatchers("/packages/**").permitAll() .antMatchers("/tours/**").permitAll() .antMatchers("/ratings/**").permitAll() .antMatchers("/users/signin").permitAll() // Disallow everything else.. .anyRequest().authenticated(); // Disable CSRF (cross site request forgery) http.csrf().disable(); // No session will be created or used by spring security http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); } @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(12); } }
@Component public class ExploreCaliUserDetailsService implements UserDetailsService { @Autowired private UserRepository userRepository; @Override public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException { User user = userRepository.findByUsername(s).orElseThrow(() -> new UsernameNotFoundException(String.format("User with name %s does not exist", s))); //org.springframework.security.core.userdetails.User.withUsername() builder return withUsername(user.getUsername()) .password(user.getPassword()) .authorities(user.getRoles()) .accountExpired(false) .accountLocked(false) .credentialsExpired(false) .disabled(false) .build(); } }
相关文章
- Spring 全家桶之 Spring Framework 5.3(七)- 声明式事务
- Spring batch教程 之 spring batch简介
- batch spring 重复执行_Spring Batch批处理
- spring-retry实现重试功能
- Spring Security
- spring boot整合shiro_Spring框架介绍及使用
- Spring 事务管理详解
- SpringBoot:模块探究之spring-boot-starters
- spring框架
- Spring Security里的Authentication
- Spring Boot 构建多租户系统 实现动态切换数据源
- an软件怎么下载到电脑上,Adobe Animate(An)2023软件安装包下载及安装教程
- an软件-中文版An下载 2021Adobe Animate 2022 v22.0.8 安装教程2022
- ORA-44413: Invalid ACL: Security class of parent ACL must be an ancestor of security class of child ACL ORACLE 报错 故障修复 远程处理
- spring aop详解编程语言
- spring 学习详解编程语言
- Spring Boot(十五):spring boot+jpa+thymeleaf增删改查示例详解编程语言
- Spring自动装配Bean
- spring使用Spring整合Redis和Jedis构建高性能应用(redisjedis与)
- Spring框架下整合Redis的实现(spring整合redis)