[英]How can I whitelist Domain or IP address in a Rest API application in which we are using springboot?
I'm implementing REST API and we are directly streaming the response using StreamingResponseBody
of springboot.我正在实现 REST API,我们使用 springboot 的
StreamingResponseBody
直接流式传输响应。 We are receiving query parameter through JSON and we are sending the database response by directly streaming.我们通过 JSON 接收查询参数,我们通过直接流发送数据库响应。
We want to lock down access to the URL to a particular Domain or set of IP address - how can we achieve this?我们想锁定对 URL 的访问到特定域或 IP 地址集 - 我们如何实现这一点?
If you are using Java Configuration for Spring Boot Security than you have to use如果您使用 Java Configuration for Spring Boot Security,则必须使用
hasIpAddress()
有IP地址()
in SecurityConfig class that extends WebSecurityConfigurerAdapter.在扩展 WebSecurityConfigurerAdapter 的 SecurityConfig class 中。
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers("/api/example/**").hasIpAddress("1.1.1.1")
.anyRequest().authenticated()
.and()
.formLogin().permitAll()
.and()
.csrf().disable();
}
// Rest of Code ...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.