在没有AbstractSecurityWebApplicationInitializer的情况下启用Spring Security
[英]Enabling Spring Security without AbstractSecurityWebApplicationInitializer
问题描述
I have a Spring based web application (not Spring boot) and I'm trying to enable Spring Security. 
我有一个基于Spring的Web应用程序(不是Spring Boot),并且正在尝试启用Spring Security。
I can enable it by extending AbstractSecurityWebApplicationInitializer and it works fine. 我可以通过扩展AbstractSecurityWebApplicationInitializer来启用它,并且效果很好。 However I want to do it using @EnableWebSecurity , without extending AbstractSecurityWebApplicationInitializer . 但是我想使用@EnableWebSecurity做到这@EnableWebSecurity ,而无需扩展AbstractSecurityWebApplicationInitializer 。 But this annotation alone cannot enable it. 但是仅此注释不能启用它。 Is there a way to achieve that or does this annotation alone solution works only for Spring Boot? 有没有办法做到这一点,或者仅此注释解决方案仅适用于Spring Boot?
Thanks. 谢谢。
1 个解决方案
解决方案1
1 2019-05-03 15:05:39
In a non-Boot environment, you are probably using a dispatcher servlet initializer class, for example, extending the AbstractAnnotationConfigDispatcherServletInitializer . 在非引导环境中,您可能正在使用调度程序servlet初始化程序类,例如,扩展AbstractAnnotationConfigDispatcherServletInitializer 。 You can register the security filter chain like this: 您可以这样注册安全过滤器链:
private static void initSecurityFilter(ServletContext servletContext) {
FilterRegistration.Dynamic securityFilter = servletContext.addFilter("springSecurityFilterChain",
DelegatingFilterProxy.class);
final EnumSet<DispatcherType> es = EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD);
securityFilter.addMappingForUrlPatterns(es, true, "/*");
}
and invoke it from onStartup . 并从onStartup调用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.