Spring常用东西

WebSecurityConfigurerAdapter配合@EnableWebSecurity 提供方便的基类,用以创建WebSecurityConfigurer实例。通过HttpSecurity配置被springsecurity保护的访问规则和路径,通过UserDetailsService配置用户信息。示例:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().permitAll();
        http .csrf().disable();
    }

    @Override
    @Bean
    public UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withDefaultPasswordEncoder().username("user").password("password").roles("ADMIN").build());
        return manager;
    }
}
View Code

ResourceServerConfigurerAdapter 通过HttpSecurity配置被springsecurity保护的访问规则和路径,通过ResourceServerSecurityConfigurer配置资源服务器安全(包含remoteTokenServices等)

AuthorizationServerConfigurerAdapter 配置授权服务器信息。通过ClientDetailsServiceConfigurer配置客户端信息、通过AuthorizationServerSecurityConfigurer配置授权服务器安全、通过AuthorizationServerEndpointsConfigurer配置授权服务器端点(包含UserDetailsService、tokenStore配置等)

 

posted @ 2020-05-29 17:32  豆苗稀  阅读(136)  评论(0编辑  收藏  举报