stackoom
  简体   繁体   中英

Configuring Spring Security for Oauth and Http Basic authentication

 原文  2016-02-19 09:26:42       java/ authentication/ oauth/ spring-security

Question

Within my Spring-Boot app using spring-security, I would like have some REST calls (API) to be authenticated via http basic authentication only, but all other requests should be handled via OAUTH2 (standard Oauth2 webapp with redirection to an authorization endpoint).

Http basic authentication is activated using http.httpBasic(), and oauth is activated using the @EnableOAuth2Sso annotation. But with the following configuration also my API calls are redirected to the authorization endpoint, which is not what I am aiming for. Any ideas? 

@EnableOauth2Sso
@Configuraiton
@EnableWebSecurity
public class SecurityConfig {
  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http.httpBasic().and().authorizeRequests().anyRequest().authenticated();
  }
}

1 answers

solution1
 0  2018-07-31 18:38:29

您可以使用authorizeRequests()。antMatchers()并基于URI模式对基于OAuth或Http基本安全性的资源进行分类。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring security with Oauth2 or Http-Basic authentication for the same resource Spring Security HTTP Basic Authentication Http basic authentication not working in Spring Security Spring security with Hibernate and Annotations and basic HTTP authentication <Spring Security> Having OAuth2 and basic authentication in the same application How does Spring security handle http basic authentication? Passing basic authentication details in spring security using http headers in java Spring Security authentication with HTTP Basic and OIDC Bearer Token Spring Boot 2 security basic authentication Spring Boot Security -Basic Authentication
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM