批注安全性Spring文件属性
[英]annotation security spring file properties
问题描述
I want use annotation @PreAuthorized and @PostAuthorized in my application in spring, but I use and it not do nothing. 
我想在春季在我的应用程序中使用注解@PreAuthorized和@PostAuthorized,但是我使用并且它什么也不做。 I need activate "something" in application.properties, but I don´t know that. 我需要在application.properties中激活“某物”,但是我不知道。 I read that put this is servlet.xl 我读到放这是servlet.xl
<global-method-security pre-post-annotations="enabled" />
But in file properties? 但是在文件属性上呢? I use java annotations but I haven't activate this. 我使用Java批注,但尚未激活它。
1 个解决方案
解决方案1
0 2015-06-01 11:30:55
I would suggest just to use configurations like this: 我建议只使用这样的配置:
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
public class AuthenticationConfiguration extends WebSecurityConfigurerAdapter {
// Your authorisation service, you need to provide one
@Autowired
private UserAuthenticationService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().fullyAuthenticated();
http.httpBasic();
http.csrf().disable();
}
}
There is a pretty nice tutorial this this over here, you should read it and try to replicate it step by step, there is much more information on topic that it can be put here: Building a secure REST API with Spring Data REST and Java 8 这里有一个非常不错的教程,您应该阅读并尝试逐步进行复制,有关此主题的更多信息,可以放在这里: 使用Spring Data REST和Java 8构建安全的REST API
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.