没有登录表单的 Spring Boot 安全性
[英]Spring Boot Security without Login Form
问题描述
I want to add security to a Spring Boot application so I thought about using Spring Security.
我想为 Spring Boot 应用程序添加安全性,所以我考虑使用 Spring Security。 My only problem is the Login Form, Is there some way to authenticate a User by reading the login credentials from a config file instead of letting someone type in the name and password?我唯一的问题是登录表单,是否有某种方法可以通过从配置文件中读取登录凭据而不是让某人输入名称和密码来验证用户身份? I want to do that because the application will be running on a Raspberry Pi.我想这样做是因为该应用程序将在 Raspberry Pi 上运行。 What would be the best approach for something like that?对于这样的事情,最好的方法是什么?
1 个解决方案
解决方案1
3 2020-01-31 07:25:26
You can use basic authentication and pass username and password in the header.您可以使用基本身份验证并在标头中传递用户名和密码。
The configuration could look like this:配置可能如下所示:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/api/dashboard/**").permitAll()
.anyRequest().authenticated()
.and().httpBasic();
http.csrf().disable();
}
From the client you have to add the header:从客户端,您必须添加标题:
Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l
The string behind Basic is the Base64 encoded username:password Basic 后面的字符串是 Base64 编码的 username:password
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.