Spring Security登录和注册
[英]Spring security login and register
问题描述
i want to with postman login to my web app which is secure. 
我想用邮递员登录到安全的Web应用程序。 In the web browser normal i can write my login and password, but how to login by postman when i want to hit under endpoint for example /login ? 在Web浏览器中,正常情况下我可以写我的登录名和密码,但是当我想在端点下打例如/ login时,如何通过邮递员登录? I should create rest controller which will handle this situation or maybe is the way that automatically handle this situation? 我应该创建Rest Controller来处理这种情况,或者也许是自动处理这种情况的方式? Is it a good idea to send username and password in url something like that /login?username=admin&password=admin or better in body? 在url中发送类似/ login的用户名和密码是一个好主意吗?username = admin&password = admin还是更好的选择? Below it's my security config: 下面是我的安全配置:
SecurityConfig.java SecurityConfig.java
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private MyUserDetailsService userDetailsService;
@Autowired
private UserRepository userRepository;
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder(11);
}
@Override
protected UserDetailsService userDetailsService() {
return userDetailsService;
}
@Bean
public SimpleSocialUserDetailsService simpleSocialUserDetailsService() {
return new SimpleSocialUserDetailsService(userRepository);
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
http
.csrf().disable()
.headers().frameOptions().disable()
.and()
.authorizeRequests()
.antMatchers("/login*", "/success*").anonymous()
.antMatchers("/auth/**", "/signup/**", "/css/*", "/webjars/**","/js/*","/image/*").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login")
.successForwardUrl("/tasks")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/logout-success").permitAll()
.and()
.apply(new SpringSocialConfigurer());
}
}
1 个解决方案
解决方案1
0 2018-11-01 17:05:45
What type of security are you using? 您正在使用哪种类型的安全性? You can configure Postman to send credentials in the Authorization tab (below example using Basic Auth): 您可以将Postman配置为在“授权”选项卡中发送凭据(以下示例使用“基本身份验证”):
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.