gpt4 book ai didi

spring - Spring Security 中的多个入口点

转载 作者:行者123 更新时间:2023-12-04 15:49:22 24 4
gpt4 key购买 nike

我有一个 Spring Boot 应用程序,它应该允许针对数据库的基于表单的身份验证和基于 SSO CAS 的身份验证。

我遵循了这里的示例( https://www.baeldung.com/spring-security-multiple-entry-points ),在我看来 Order 没有按预期工作。它总是使用注释为 Order(1) 的那个作为入口点。

这是我的代码,

@Configuration
@EnableWebSecurity
public class SecurityConfig {

@Configuration
@Order(2)
public static class WebSecurityCASConfig extends WebSecurityConfigurerAdapter {
public WebSecurityCASConfig() {
super();
}

@Autowired
private AuthenticationEntryPoint authenticationEntryPoint;



@Override
protected void configure(HttpSecurity http) throws Exception {

http

.authorizeRequests()
.antMatchers(
"/js/**",
"/css/**",
"/images/**").permitAll()
.regexMatchers("/login1")
.authenticated()
.and()
.authorizeRequests()
.and()
.httpBasic()
.authenticationEntryPoint(authenticationEntryPoint);


}


}



//second

@Configuration
@Order(1)
public static class WebSecurityDatabaseConfig extends WebSecurityConfigurerAdapter {

public WebSecurityDatabaseConfig() {
super();
}

@Autowired
UserDetailServiceImpl userDetailsService;

@Autowired
BCryptPasswordEncoder passwordEncoder;




@Autowired
public void configure(AuthenticationManagerBuilder auth) throws Exception {

auth.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder);

}

@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers(
"/js/**",
"/css/**",
"/images/**").permitAll()
//.antMatchers("/catalog").access("hasAnyRole('ROLE_USER', 'ROLE_ADMIN')")
////.antMatchers("/login1").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/catalog", true)
.permitAll()
.usernameParameter("username")
.passwordParameter("password")
.and()
.logout()
.permitAll()
.logoutUrl("/logout").logoutSuccessUrl("/logout")
.and().exceptionHandling().accessDeniedPage("/403");


}
}

}



我希望这两种配置都基于 url 模式工作。任何解决方案/帮助/建议将不胜感激。谢谢。

最佳答案

我为此找到了解决方案。我只是简单地遵循 spring 文档在 5.9 ( https://docs.spring.io/spring-security/site/docs/5.0.0.RELEASE/reference/htmlsingle/ ) 中所说的以及关于 stackoverflow 的另一个问题,Spring Security : Multiple HTTP Config not working

关于spring - Spring Security 中的多个入口点,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54541546/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com