参考: https://geocolumbus.github.io/HTTPS-ELB-AWS-Spring-Boot/
1. 在服务器端配置 证书 域名 映射
2. 导入依赖:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
3.配置
@Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private LdapConfig ldapConfig; @Autowired private CorsConfig corsConfig; @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Value("${security.https.path}") private String httpsPath; // 项目路径 ,正式环境 配置 "/" 即可 @Override protected void configure(HttpSecurity http) throws Exception { http .requiresChannel().antMatchers(httpsPath).requiresSecure() .and() .authorizeRequests() //.antMatchers("/ui/**").fullyAuthenticated() //.antMatchers("/file/**").fullyAuthenticated() .antMatchers("/**").permitAll() .and().cors() .and().csrf().disable(); } }
(备份)
@Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private LdapConfig ldapConfig; @Autowired private CorsConfig corsConfig; @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Value("${security.https.path}") private String httpsPath; @Bean public UserDetailsContextMapper userDetailsContextMapper() { return new LdapUserDetailsMapper() { @Override public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) { UserDetails details = super.mapUserFromContext(ctx, username, authorities); return new UserDetail((LdapUserDetails) details); } }; } @Override protected void configure(HttpSecurity http) throws Exception { http .requiresChannel().antMatchers(httpsPath).requiresSecure() .and() .authorizeRequests() .antMatchers("/ui/**").fullyAuthenticated() .antMatchers("/file/**").fullyAuthenticated() .antMatchers("/**").permitAll() .and().cors() .and().csrf().disable(); } @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth .ldapAuthentication() .userDetailsContextMapper(userDetailsContextMapper()) .userDnPatterns("uid={0},ou=people") .groupSearchBase("ou=groups") .contextSource() .url(ldapConfig.getUrl()+ldapConfig.getBase_dc()) .managerDn(ldapConfig.getUsername()) .managerPassword(ldapConfig.getPassword()); } @Bean CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedOrigins(corsConfig.getAllowedOrigins()); configuration.setAllowedMethods(corsConfig.getAllowedMethods()); configuration.setAllowedHeaders(corsConfig.getAllowedHeaders()); configuration.setAllowCredentials(corsConfig.getAllowedCredentials()); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", configuration); return source; } }
4.在application. yml 或者 application.properties 中配置:
server: port: 7000 servlet: session: timeout: 1800 tomcat: max-threads: 10 remote-ip-header: x-forwarded-for protocol-header: x-forwarded-proto
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· Manus的开源复刻OpenManus初探
· AI 智能体引爆开源社区「GitHub 热点速览」
· 三行代码完成国际化适配,妙~啊~
· .NET Core 中如何实现缓存的预热?