[英]Enabling Spring Security without AbstractSecurityWebApplicationInitializer
I have a Spring based web application (not Spring boot) and I'm trying to enable Spring Security. 我有一个基于Spring的Web应用程序(不是Spring Boot),并且正在尝试启用Spring Security。
I can enable it by extending AbstractSecurityWebApplicationInitializer
and it works fine. 我可以通过扩展
AbstractSecurityWebApplicationInitializer
来启用它,并且效果很好。 However I want to do it using @EnableWebSecurity
, without extending AbstractSecurityWebApplicationInitializer
. 但是我想使用
@EnableWebSecurity
做到这@EnableWebSecurity
,而无需扩展AbstractSecurityWebApplicationInitializer
。 But this annotation alone cannot enable it. 但是仅此注释不能启用它。 Is there a way to achieve that or does this annotation alone solution works only for Spring Boot?
有没有办法做到这一点,或者仅此注释解决方案仅适用于Spring Boot?
Thanks. 谢谢。
In a non-Boot environment, you are probably using a dispatcher servlet initializer class, for example, extending the AbstractAnnotationConfigDispatcherServletInitializer
. 在非引导环境中,您可能正在使用调度程序servlet初始化程序类,例如,扩展
AbstractAnnotationConfigDispatcherServletInitializer
。 You can register the security filter chain like this: 您可以这样注册安全过滤器链:
private static void initSecurityFilter(ServletContext servletContext) {
FilterRegistration.Dynamic securityFilter = servletContext.addFilter("springSecurityFilterChain",
DelegatingFilterProxy.class);
final EnumSet<DispatcherType> es = EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD);
securityFilter.addMappingForUrlPatterns(es, true, "/*");
}
and invoke it from onStartup
. 并从
onStartup
调用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.