Home | 简体中文 | 繁体中文 | 杂文 | Github | 知乎专栏 | Facebook | Linkedin | Youtube | 打赏(Donations) | About
第 79 章 Springboot 3 + Security 6
上一页 部分 VII. Spring Security 下一页
知乎专栏

第 79 章 Springboot 3 + Security 6

目录

79.1. Spring Security with HTTP Auth
79.1.1. 默认配置
79.1.2. 设置用户名和密码
79.1.3. 禁用 Security
79.1.4. 设置角色
79.2. Springboot 3 Security + OncePerRequestFilter
79.2.1. OncePerRequestFilter
79.2.2. SecurityConfiguration
79.3. SecurityFilterChain
79.4. @PreAuthorize
79.4.1. hasRole
79.4.2. hasAnyRole
79.4.3. 从 HttpServletRequest 返回的 request 变量中判断角色
79.4.4. getAuthentication() 获得角色
79.4.5. UserDetailsService
79.5. httpBasic 配置
79.6. InvalidClaimException: The Token can't be used before

79.1. Spring Security with HTTP Auth

79.1.1. 默认配置

如果在 maven 中引入了 spring security当你启动 springboot 的时候会提示

			
Using generated security password: 1cd27b90-1208-4be2-ae8e-0f564ee427b8

默认用户名是 user 可以这样访问

			
neo@MacBook-Pro ~ % curl -s http://user:1cd27b90-1208-4be2-ae8e-0f564ee427b8@localhost:8080/member/json
{"status":false,"reason":"","code":0,"data":{}}

79.1.2. 设置用户名和密码

			
spring.security.user.name=test
spring.security.user.password=test
spring.security.user.role=USER

79.1.3. 禁用 Security

方法一

			
@EnableAutoConfiguration(exclude = {
		org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class
})
			
			
			
			
@SpringBootApplication(exclude = { SecurityAutoConfiguration.class })
public class Application {
	public static void main(String[] args) {
		System.out.println("Web Starting...");
		SpringApplication.run(Application.class, args);
	}
}

79.1.4. 设置角色

			
spring:
  security:
    user:
      name: kaven
      password: itkaven
      roles:
        - USER
        - ADMIN
上一页 上一级 下一页
部分 VII. Spring Security 起始页 79.2. Springboot 3 Security + OncePerRequestFilter