stackoom
  简体   繁体   中英

Spring security and() function

 原文  2021-01-26 17:34:45       java/ spring/ http/ spring-security/ authorization

Question

Can you please explain in a simple way for what reason we need to use and() method in HttpSecurity.

Code:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/").hasAnyRole("Employee", "Manager", "HR")
            .antMatchers("/hr_info").hasRole("HR")
            .antMatchers("/manager_info/**").hasRole("Manager")
            .and().formLogin().permitAll();
}

1 answers

solution1
 0  2021-01-26 18:44:19

The spring security reference explains it as follows.

The Java Configuration equivalent of closing an XML tag is expressed using the and() method which allows us to continue configuring the parent. If you read the code it also makes sense. I want to configure authorized requests and configure form login and configure HTTP Basic authentication.

Accordingly , you say the following with your own settings:

  • Ensures that any request to our application requires the user to be authenticated,
  • Allows authentication for some links only to the specified role,
  • Allows users to authenticate with form based login.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring Security Custom Login Function Spring Security RememberMe function with username and id How is matches function returning false in Spring security? Spring Security Spring security Incorrect Hibernate HQL / DAO function / while coding Spring Security - Annotations Use BCrypt hashing function in Spring Boot without all the overkill security? Spring security and spring boot Spring @WebMvcTest with Spring Security Spring Security disable method security
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM