Spring常用东西
WebSecurityConfigurerAdapter配合@EnableWebSecurity 提供方便的基类,用以创建WebSecurityConfigurer实例。通过HttpSecurity配置被springsecurity保护的访问规则和路径,通过UserDetailsService配置用户信息。示例:
![](https://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif)
@Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().permitAll(); http .csrf().disable(); } @Override @Bean public UserDetailsService userDetailsService() { InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager(); manager.createUser(User.withDefaultPasswordEncoder().username("user").password("password").roles("ADMIN").build()); return manager; } }
ResourceServerConfigurerAdapter 通过HttpSecurity配置被springsecurity保护的访问规则和路径,通过ResourceServerSecurityConfigurer配置资源服务器安全(包含remoteTokenServices等)
AuthorizationServerConfigurerAdapter 配置授权服务器信息。通过ClientDetailsServiceConfigurer配置客户端信息、通过AuthorizationServerSecurityConfigurer配置授权服务器安全、通过AuthorizationServerEndpointsConfigurer配置授权服务器端点(包含UserDetailsService、tokenStore配置等)