Spring webflux 安全 - 使用属性禁用 csrf
[英]Spring webflux Security - Disable csrf with property
问题描述
I have a Spring WebFlux security as follows and would like to control CSRF using property.
我有一个 Spring WebFlux 安全性如下,并想使用属性控制 CSRF。 How can I add if check for the CSRF alone here?如果在这里单独检查 CSRF,我该如何添加?
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
//.pathMatchers("/register", "/login").permitAll()
.anyExchange().authenticated()
.and().formLogin()
.securityContextRepository(securityContextRepository())
.and()
.exceptionHandling()
.accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.BAD_REQUEST))
.and().csrf().disable()
.build();
}
1 个解决方案
解决方案1
1 已采纳 2021-02-03 00:16:07
you just add something like:您只需添加以下内容:
// All your stuff up here then
if(!csrfEnabled) {
http.csrf().disable();
}
return http.build();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Spring Security CSRF禁用问题 - spring security csrf disable issue
带有 WebFlux 用户禁用功能的 Spring Security 5.1.5 不起作用 - Spring Security 5.1.5 with WebFlux user disable not working
无法在Spring Boot中禁用CSRF安全性 - Cannot disable CSRF security in Spring Boot
如何在 Webflux 功能端点的测试中禁用 Spring 安全性 - How to disable Spring Security on Tests for Webflux Functional Endpoints
Spring Boot Security和Auth0-无法禁用CSRF - Spring Boot Security and Auth0 - Cannot disable CSRF
即使禁用 csrf,Spring 安全 403 禁止错误也会不断发生 - Spring security 403 forbidden error keeps happening even with csrf disable
Spring Security和CSRF攻击 - Spring Security and CSRF attack
CSRF和Spring Security - CSRF and Spring Security
使用 spring-security 和 spring-webflux 时禁用 WebSession 创建 - Disable WebSession creation when using spring-security with spring-webflux
将 Spring Security AbstractAuthenticationProcessingFilter 迁移到 WebFlux - Migrating Spring Security AbstractAuthenticationProcessingFilter to WebFlux
相关标签