![](/img/trans.png)
[英]Spring Boot OAuth2 with basic authentication and custom UserDetailsService
[英]Spring boot custom Basic authentication
我已經排除了以下基本身份驗證:
@SpringBootApplication(exclude = [SecurityAutoConfiguration::class])
class Application {
@Bean
fun rpcClient(): WrapperRpcClient {
val client = WrapperRpcClient()
client.createClient()
return client
}
}
並添加了自定義安全性,但它不起作用
@Configuration
@EnableWebSecurity
public class BasicConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
auth
.inMemoryAuthentication()
.withUser("user")
.password("password")
.roles("USER")
.and()
.withUser("admin")
.password("admin")
.roles("USER", "ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
//HTTP Basic authentication
.httpBasic()
.and()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/books/**").hasRole("USER")
.antMatchers(HttpMethod.POST, "/books").hasRole("ADMIN")
.antMatchers(HttpMethod.PUT, "/books/**").hasRole("ADMIN")
.antMatchers(HttpMethod.PATCH, "/books/**").hasRole("ADMIN")
.antMatchers(HttpMethod.DELETE, "/books/**").hasRole("ADMIN")
.and()
.csrf().disable()
.formLogin().disable();
}
}
請幫忙。
嘗試配置 MethodSecurity
@Configuration
@EnableGlobalMethodSecurity(
prePostEnabled = true,
securedEnabled = true)
public class MethodSecurityConfigurer extends GlobalMethodSecurityConfiguration {
}
檢查鏈接
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.