stackoom
  简体   繁体   中英

What's the difference between 'configure' and 'configureGlobal' methods?

 原文  2016-01-26 21:02:52       java/ spring/ spring-security

Question

I'm playing around with Spring Security configuration and find out, that the most common way to configure in-memory authentication is using configureGlobal() method:

@Configuration
@EnableWebMvcSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Autowired
  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{
    auth
      .inMemoryAuthentication()
        .withUser("user").password("userPwd").roles("USER");
  }
}

But there is another way, which is less widely used, overriding configure() method from WebSecurityConfigurerAdapter :

@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

  @Override
  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
      .inMemoryAuthentication(
        .withUser("user").password("userPwd").roles("USER");
  }
}

I'm just wondering, what's the difference between them and what's the point of usage configureGlobal() method over configure() one?

2 answers

solution1
 3  2019-12-22 09:32:33

This answer helped me.

Difference between registerGlobal(), configure(), configureGlobal(),configureGlobalSecurity in Spring security

If you already extend class like WebMvcConfiguratorAdapter , you have two choices for security settings.

  1. Using configureGlobal() method:

    • Single @Configuration class approach.
    • You can set security while maintaining your config class.
    • SpringWebConfig extends WebMvcConfigurerAdapter + @EnableWebSecurity

  2. Overriding configure() method:

    • Specific security @Configuration class.
    • You must create a new config class to extend WebSecurityConfiguratorAdapter for security setup.
    • MySecurityConfig extends WebSecurityConfigurerAdapter

solution2
 2  2016-01-26 21:30:43

As the spring security doc says:

The name of the configureGlobal method is not important. However, it is important to only configure AuthenticationManagerBuilder in a class annotated with either @EnableWebSecurity , @EnableGlobalMethodSecurity , or @EnableGlobalAuthentication . Doing otherwise has unpredictable results.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Difference between registerGlobal(), configure(), configureGlobal(),configureGlobalSecurity in Spring security What's the difference between blocks and methods in Java? What's difference between these two generic methods? What's the difference between Calendar's getActualMinimum and getGreatestMinimum methods? What's the difference between EasyMock's .andReturn and .andAnswer methods? What's the difference between the methods findAttribute() and getAttribute() in servlet? What's the difference between getRequestURI and getPathInfo methods in HttpServletRequest? what's the difference between save() and persists() methods in hibernate regarding with cascading? AST: what's the difference between visiting and just using query methods? What's the difference between the java vector methods set() and setElementAt()?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM