[英]Use RequestHeaderRequestMatcher and antmactcher basic auth in the same configuration Spring Security
我有这个过滤器:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatchers(new RequestHeaderRequestMatcher("Caller", "Rem"));
// add here a seconde filter condition for basic Auth
}
就在标头过滤器之后,我想使用下面的标识符 inMemory 制作另一个具有相同配置的过滤器:
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(NoOpPasswordEncoder.getInstance())
.withUser("myAccount").password("MyPassword").roles("USER");
}
先谢谢了。
http.httpBasic().and()
.authorizeRequests()
.requestMatchers(new AndRequestMatcher(new RequestHeaderRequestMatcher("Caller", "Rem"), new AntPathRequestMatcher("/hello/one")))
.hasRole("USER")
.and()
.authorizeRequests().anyRequest().authenticated()
.anyRequest().denyAll();
在您的场景中将“/hello/one”替换为“/**”。
解释:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.