堆栈内存溢出
  简体   繁体   English

Spring Security禁用rememberMe不起作用

[英]Spring Security disable rememberMe doesn't work

 原文  2017-01-05 21:24:10       java/ spring/ spring-security

问题描述

I have Spring Boot application. 我有Spring Boot应用程序。 It is necessary to send Authorization header on every request otherwise deny access to resource. 必须在每个请求上发送Authorization标头,否则将拒绝对资源的访问。

But if I made request with this header once I can send requests without it and receive content of resource. 但是,如果我一次使用此标头发出请求,则可以不使用它发送请求并接收资源内容。 Why? 为什么? Where am I wrong in code? 我在哪里写错代码?

Spring Security configuration: Spring Security配置: 

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .rememberMe().disable()
            .csrf().disable()
            .authorizeRequests().anyRequest().fullyAuthenticated().and()
            .httpBasic().and()
            .formLogin().disable()
            .logout().disable();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
            .withUser("1").password("1").roles("USER");
    }
}

Controller: 控制器: 

    @RestController
    public class FooController {

        @RequestMapping("/foo")
        public Bar bar() {
            Bar bar = new Bar();
            return bar;
        }
    }

1 个解决方案

解决方案1
 0  2017-01-06 02:19:05

    http
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)

Disable create session. 禁用创建会话。 Session Management 会话管理

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 找不到用于Spring Security的Spring Bean还记得我吗? - Spring Bean not found for Spring Security RememberMe? Spring Security @PreAuthorize注释不起作用 - Spring Security @PreAuthorize annotaion doesn't work Spring安全性不适用于angularJS - Spring security doesn't work with angularJS Spring Security Taglib不起作用 - Spring Security taglib doesn't work Spring安全和Thymeleaf不起作用 - Spring security and Thymeleaf doesn't work CrossOrigin注释不适用于Spring Security - CrossOrigin annotation doesn't work with spring security 春季安全+休息不起作用 - spring security + rest doesn't work 使用 Spring 保护应用程序安全不起作用 - Securing app with Spring Security doesn't work 带有用户名和 ID 的 Spring Security RememberMe 功能 - Spring Security RememberMe function with username and id Spring Security 4.0.3 RememberMe tokenValiditySeconds无法正常工作 - Spring Security 4.0.3 rememberMe tokenValiditySeconds not working
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM