chat03项目的解析
1.
.rememberMe(rememberMe -> rememberMe .key("someSecret") .tokenValiditySeconds(86400)) .authorizeRequests(authorizeRequests -> authorizeRequests .anyRequest().authenticated()); 这段代码是什么意思
2.
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.requestMatchers(PathRequest.toStaticResources().atCommonLocations());
} 这段代码是啥意思
3.
@RequiredArgsConstructor 标签的作用是什么
4.
@Order(100) 标签的作用
5.
web.ignoring() 和 .permitAll() 的区别
ignoring() 是指请求不需要通过过滤器链
6.
Spring Security 中什么叫身份验证
7.
@Override public void configure(WebSecurity web) throws Exception { web.ignoring() .requestMatchers(PathRequest.toStaticResources().atCommonLocations()); } 这段代码是啥意思
8.
发送请求的时候 Authorization: Basic user 是啥意思
9.
@Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } 这段代码有啥用
10.
@Bean public PasswordEncoder passwordEncoder() { // 默认编码算法的 Id val idForEncode = "bcrypt"; // 要支持的多种编码器 val encoders = Map.of( idForEncode, new BCryptPasswordEncoder(), "SHA-1", new MessageDigestPasswordEncoder("SHA-1") ); return new DelegatingPasswordEncoder(idForEncode, encoders); } 这段代码是啥意思
11.
private RestAuthenticationFilter restAuthenticationFilter() throws Exception { RestAuthenticationFilter filter = new RestAuthenticationFilter(objectMapper); filter.setAuthenticationSuccessHandler(jsonAuthenticationSuccessHandler()); filter.setAuthenticationFailureHandler(jsonLoginFailureHandler()); filter.setAuthenticationManager(authenticationManager()); filter.setFilterProcessesUrl("/authorize/login"); return filter; } 这段代码啥意思
12.
filter.setFilterProcessesUrl("/authorize/login"); 可以干嘛用
13.
private AuthenticationFailureHandler jsonLoginFailureHandler() {
return (req, res, exp) -> {
val objectMapper = new ObjectMapper();
res.setStatus(HttpStatus.UNAUTHORIZED.value());
res.setContentType(MediaType.APPLICATION_JSON_VALUE);
res.setCharacterEncoding("UTF-8");
val errData = Map.of(
"title", "认证失败",
"details", exp.getMessage()
);
res.getWriter().println(objectMapper.writeValueAsString(errData));
};
} 这段代码啥意思
14.
@Override public void addResourceHandlers(ResourceHandlerRegistry registry) { registry.addResourceHandler("/webjars/**") .addResourceLocations("/webjars/") .resourceChain(false); registry.setOrder(1); } 这段代码啥意思
15.
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login").setViewName("login");
registry.addViewController("/").setViewName("index");
registry.setOrder(Ordered.HIGHEST_PRECEDENCE);
} 这段代码是啥意思
16.
public MessageResolver messageResolver() {
return new SpringMessageResolver(messageSource);
} 这段代码啥意思
17.
@Bean
public LocalValidatorFactoryBean getValidator() {
LocalValidatorFactoryBean bean = new LocalValidatorFactoryBean();
bean.setValidationMessageSource(messageSource);
return bean;
} 这段代码啥意思
18.
@PasswordMatches 标签啥意思
19.
为什么在使用@PasswordMatches 标签 的时候,必须结合另外两个注解:@ValidPassword 和 @NotBlank,
20.
@ControllerAdvice public class ExceptionHandler implements ProblemHandling { @Override public boolean isCausalChainsEnabled() { return true; } } 这段代码有啥用
21.
springsecurity的ProblemHandling 类 和 SecurityAdviceTrait 类 的区别是什么
22.
springsecurity 中的HTTP 问题 和 安全问题的区别是什么
23.
springsecurity的ProblemHandling 类 怎么使用
24.
springsecurity的SecurityAdviceTrait 类 怎么使用,有啥好处
25.
springsecurity的SecurityAdviceTrait 类 的使用过程的例子
26.
springsecurity的ProblemHandling 类 的使用过程的例子
27.
@ControllerAdvice public class ExceptionHandler implements ProblemHandling { @Override public boolean isCausalChainsEnabled() { return true; } } 这段代码什么意思
28.
context.disableDefaultConstraintViolation(); context.buildConstraintViolationWithTemplate(String.join(",", validator.getMessages(result))) .addConstraintViolation(); 这段代码啥意思
29.@SpringBootApplication(exclude = ErrorMvcAutoConfiguration.class) 这段代码啥意思
30.
spring: messages: always-use-message-format: false basename: messages encoding: UTF-8 fallback-to-system-locale: true use-code-as-default-message: false mvc: throw-exception-if-no-handler-found: true resources: add-mappings: false 上面这段application.yml 是啥意思