[英]Use RequestHeaderRequestMatcher and antmactcher basic auth in the same configuration Spring Security
我有這個過濾器:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatchers(new RequestHeaderRequestMatcher("Caller", "Rem"));
// add here a seconde filter condition for basic Auth
}
就在標頭過濾器之后,我想使用下面的標識符 inMemory 制作另一個具有相同配置的過濾器:
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(NoOpPasswordEncoder.getInstance())
.withUser("myAccount").password("MyPassword").roles("USER");
}
先謝謝了。
http.httpBasic().and()
.authorizeRequests()
.requestMatchers(new AndRequestMatcher(new RequestHeaderRequestMatcher("Caller", "Rem"), new AntPathRequestMatcher("/hello/one")))
.hasRole("USER")
.and()
.authorizeRequests().anyRequest().authenticated()
.anyRequest().denyAll();
在您的場景中將“/hello/one”替換為“/**”。
解釋:
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.