Spring Security配置到Java配置
[英]Spring security configuration to java configuration
问题描述
我没有运气尝试将此配置转换为java config我已经准备好所有类,但我可以弄清楚请帮助
<bean id="passwordEncoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
<constructor-arg value="ThisIsASecretSoChangeMe" />
</bean>
<security:authentication-manager id="authenticationManager">
<security:authentication-provider user-service-ref="userDao">
<security:password-encoder ref="passwordEncoder"></security:password-encoder>
</security:authentication-provider>
</security:authentication-manager>
<security:http
realm="Protected API"
use-expressions="true"
auto-config="false"
create-session="stateless"
entry-point-ref="unauthorizedEntryPoint"
authentication-manager-ref="authenticationManager">
<security:custom-filter ref="authenticationTokenProcessingFilter" position="FORM_LOGIN_FILTER" />
<security:intercept-url pattern="/rest/user/authenticate" access="permitAll" />
<security:intercept-url method="GET" pattern="/rest/news/**" access="hasRole('user')" />
<security:intercept-url method="PUT" pattern="/rest/news/**" access="hasRole('admin')" />
<security:intercept-url method="POST" pattern="/rest/news/**" access="hasRole('admin')" />
<security:intercept-url method="DELETE" pattern="/rest/news/**" access="hasRole('admin')" />
</security:http>
<bean id="unauthorizedEntryPoint" class="net.dontdrinkandroot.example.angularrestspringsecurity.rest.UnauthorizedEntryPoint" />
<bean class="net.dontdrinkandroot.example.angularrestspringsecurity.rest.AuthenticationTokenProcessingFilter" id="authenticationTokenProcessingFilter">
<constructor-arg ref="userDao" />
</bean>
1 个解决方案
解决方案1
0 2014-09-19 19:05:20
这似乎已经在本博文Spring中得到了解决:等效于security:authentication-manager和security:global-method-security的注释
我暂时以xml格式离开了我的。 我从rest-services-config.xml中剥离了除安全配置之外的所有内容,然后将其导入到新的configWebXml类中,如下所示:
@Configuration
@ComponentScan
@EnableAutoConfiguration
@ImportResource("classpath:rest-services-config.xml")
public class ConfigWebXml extends SpringBootServletInitializer {
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Application.class);
}
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
在执行此操作之前,不会清除安全上下文。 成功登录后,它将永远不会返回并验证令牌。 这使我可以转换为基于完整注释的springboot应用程序,但spring安全性除外。
希望这可以帮助。
在Spring Security中将XML配置转换为Java配置以实现全局方法安全
[英]Converting XML configuration to java configuration in spring security for global method security
Java 配置中的 Spring Security XML 配置和 Spring SAML
[英]Spring Security XML configuration and Spring SAML in Java configuration
Spring Security 配置中的 BcryptEncoder 配置
[英]BcryptEncoder configuration in Spring Security Configuration
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Spring Security Java配置
Spring Security(Java配置)问题
具有Java配置的Spring MVC +安全性
验证Spring Security Java配置
Spring Security Java配置混乱
Spring Security 3.2 Java配置
在Spring Security中将XML配置转换为Java配置以实现全局方法安全
Java 配置中的 Spring Security XML 配置和 Spring SAML
Spring Security 配置中的 BcryptEncoder 配置
没有XML的Spring Security 4.0.0 Java配置
相关标签