Home | 简体中文 | 繁体中文 | 杂文 | Github | 知乎专栏 | Facebook | Linkedin | Youtube | 打赏(Donations) | About
第 57 章 Springboot 3 + Security 6
上一页 部分 IV. Spring Security 下一页
知乎专栏

第 57 章 Springboot 3 + Security 6

目录

57.1. Spring Security with HTTP Auth
57.1.1. 默认配置
57.1.2. 设置用户名和密码
57.1.3. 禁用 Security
57.1.4. 设置角色
57.2. Springboot 3 Security + OncePerRequestFilter
57.2.1. OncePerRequestFilter
57.2.2. SecurityConfiguration
57.3. SecurityFilterChain
57.4. @PreAuthorize
57.4.1. hasRole
57.4.2. hasAnyRole
57.4.3. 从 HttpServletRequest 返回的 request 变量中判断角色
57.4.4. getAuthentication() 获得角色
57.4.5. UserDetailsService
57.5. httpBasic 配置
57.6. InvalidClaimException: The Token can't be used before

57.1. Spring Security with HTTP Auth

57.1.1. 默认配置

如果在 maven 中引入了 spring security当你启动 springboot 的时候会提示

			
Using generated security password: 1cd27b90-1208-4be2-ae8e-0f564ee427b8

默认用户名是 user 可以这样访问

			
neo@MacBook-Pro ~ % curl -s http://user:1cd27b90-1208-4be2-ae8e-0f564ee427b8@localhost:8080/member/json
{"status":false,"reason":"","code":0,"data":{}}

57.1.2. 设置用户名和密码

			
spring.security.user.name=test
spring.security.user.password=test
spring.security.user.role=USER

57.1.3. 禁用 Security

方法一

			
@EnableAutoConfiguration(exclude = {
		org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class
})
			
			
			
			
@SpringBootApplication(exclude = { SecurityAutoConfiguration.class })
public class Application {
	public static void main(String[] args) {
		System.out.println("Web Starting...");
		SpringApplication.run(Application.class, args);
	}
}

57.1.4. 设置角色

			
spring:
  security:
    user:
      name: kaven
      password: itkaven
      roles:
        - USER
        - ADMIN
上一页 上一级 下一页
部分 IV. Spring Security 起始页 57.2. Springboot 3 Security + OncePerRequestFilter