SpringSecurity项目中如何在多个模块中配置认证信息
⒈在SpringSecurity项目中创建AuthorizeConfigProvider接口用于配置认证信息
1 package cn.coreqi.ssoserver.authorize; 2 3 import org.springframework.security.config.annotation.web.builders.HttpSecurity; 4 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; 5 6 public interface AuthorizeConfigProvider { 7 void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config); 8 }
⒉我们实现此接口
1 package cn.coreqi.ssoserver.authorize.impl; 2 3 import cn.coreqi.ssoserver.authorize.AuthorizeConfigProvider; 4 import org.springframework.http.HttpMethod; 5 import org.springframework.security.config.annotation.web.builders.HttpSecurity; 6 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; 7 import org.springframework.stereotype.Component; 8 9 @Component 10 public class CoreqiAuthorizeConfigProvider implements AuthorizeConfigProvider { 11 @Override 12 public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) { 13 config.antMatchers("/oauth/*","/login/*").permitAll() 14 .antMatchers(HttpMethod.GET,"/auth/*").hasRole("admin") 15 .anyRequest().authenticated(); //任何请求都需要身份认证 16 } 17 }
⒊在SpringSecurity项目中创建AuthorizeConfigManager接口用于调用系统中所有的配置信息
1 package cn.coreqi.ssoserver.authorize; 2 3 import org.springframework.security.config.annotation.web.builders.HttpSecurity; 4 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; 5 6 public interface AuthorizeConfigManager { 7 void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config); 8 }
⒋我们实现此接口
1 package cn.coreqi.ssoserver.authorize.impl; 2 3 import cn.coreqi.ssoserver.authorize.AuthorizeConfigManager; 4 import cn.coreqi.ssoserver.authorize.AuthorizeConfigProvider; 5 import org.springframework.beans.factory.annotation.Autowired; 6 import org.springframework.security.config.annotation.web.builders.HttpSecurity; 7 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; 8 import org.springframework.stereotype.Component; 9 10 import java.util.Set; 11 12 @Component 13 public class CoreqiAuthorizeConfigManager implements AuthorizeConfigManager { 14 /** 15 * 将系统中所有的AuthorizeConfigProvider收集起来 16 */ 17 @Autowired 18 private Set<AuthorizeConfigProvider> authorizeConfigProviders; 19 @Override 20 public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) { 21 for (AuthorizeConfigProvider authorizeConfigProvider : authorizeConfigProviders ){ 22 authorizeConfigProvider.config(config); 23 } 24 config.anyRequest().authenticated(); 25 } 26 }
⒌在SpringSecurity配置中进行如下配置
1 @EnableWebSecurity 2 public class SsoWebSecurityConfig extends WebSecurityConfigurerAdapter { 3 4 @Autowired 5 private AuthorizeConfigManager authorizeConfigManager; 6 @Override 7 protected void configure(HttpSecurity http) throws Exception { 8 http.formLogin() 9 .and() 10 .csrf().disable(); //禁用CSRF 11 12 authorizeConfigManager.config(http.authorizeRequests()); 13 } 14 }
作者:奇
出处:https://www.cnblogs.com/fanqisoft/p/10685901.html
版权:本作品采用「本文版权归作者和博客园共有,欢迎转载,但必须给出原文链接,并保留此段声明,否则保留追究法律责任的权利。」许可协议进行许可。
如果文章内容对您有所帮助,欢迎赞赏.
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· 单线程的Redis速度为什么快?
· SQL Server 2025 AI相关能力初探
· AI编程工具终极对决:字节Trae VS Cursor,谁才是开发者新宠?
· 展开说说关于C#中ORM框架的用法!