Spring Security中的IP身份验证
[英]Ip authentication in Spring Security
问题描述
I have Spring Security 4.2.2 in my web-app and configured LDAP based authentication. 
我的Web应用程序中装有Spring Security 4.2.2,并配置了基于LDAP的身份验证。 In addition i also need to authenticate all users with specified ip without log-in form and set the "local_user" role for them. 另外,我还需要使用指定的ip身份验证所有用户,而无需登录表单,并为他们设置“ local_user”角色。 How can i perform that authentication scenario? 如何执行该身份验证方案?
upd: I mean, that "local users" must view the same content as the users that have authorized through login form. upd:我的意思是,“本地用户”必须查看与通过登录表单授权的用户相同的内容。
1 个解决方案
解决方案1
1 已采纳 2017-05-10 14:20:27
You can do that using antMatchers like below code: 您可以使用antMatchers这样的代码,例如:
@EnableWebSecurity
@Configuration
public class BasicSecurityConfig extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/baseUrl/anything-else/**").hasIpAddress("ipAddressExpression")
}
}
Updated 更新
http.authorizeRequests()
.antMatchers("/baseUrl/anything-else/**").access("hasIpAddress('ipAddressExpression') or fullyAuthenticated()");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.