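package com.terwergreen.bugucms.config;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;

import java.net.URI;

/**
 * WebFlux security and authorization configuration.
 *
 * <p>Declares the password encoder, the reactive security filter chain (path rules, CSRF,
 * form login, logout) and an in-memory user store holding a single {@code admin} account.
 *
 * @Author Terwer
 * @Date 2018/6/22 15:55
 * @Version 1.0
 * @Description Security authorization configuration
 **/
@EnableWebFluxSecurity
public class SecurityConfig {
    private final Log logger = LogFactory.getLog(this.getClass());

    // Injected instance of the encoder bean declared by passwordEncoder() below.
    @Autowired
    PasswordEncoder passwordEncoder;

    /**
     * Provides the password encoder used to hash stored credentials.
     *
     * @return a BCrypt-based {@link PasswordEncoder} with the library's default settings
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Builds the reactive security filter chain.
     *
     * <p>{@code /admin/**} requires an authenticated user; every other path is open.
     * CSRF, form login and logout are enabled with their defaults, except that a
     * successful logout redirects to {@code /login?logout}.
     *
     * @param http the security builder supplied by Spring
     * @return the configured filter chain
     */
    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        logger.info("WebFlux Security begin");
        return http
                .authorizeExchange()
                // NOTE(review): authenticated() admits any logged-in user; the ADMIN role
                // assigned in userDetailsService() is not checked here. If /admin/** is meant
                // to be admin-only, this rule should use hasRole("ADMIN") instead.
                .pathMatchers("/admin/**")
                .authenticated()
                // Order matters: the catch-all rule must stay after the /admin/** rule.
                .pathMatchers("/**")
                .permitAll()
                .and()
                // CSRF protection is left at its defaults; the customisations below are disabled.
                .csrf()
                //.csrfTokenRepository(customCsrfTokenRepository)
                //.requireCsrfProtectionMatcher(customCsrfMatcher)
                .and()
                .formLogin()
                //.loginPage("/login")
                //.authenticationFailureHandler(new RedirectServerAuthenticationFailureHandler("/login?error"))
                //.authenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler("/admin"))
                .and()
                .logout()
                //.logoutUrl("/logout")
                .logoutSuccessHandler(logoutSuccessHandler("/login?logout"))
                .and()
                .build();
    }

    /**
     * Creates a logout success handler that redirects to a fixed location.
     *
     * @param uri the redirect target; parsed with {@link URI#create(String)}, so it must be
     *            a syntactically valid URI
     * @return the redirecting logout success handler
     */
    public ServerLogoutSuccessHandler logoutSuccessHandler(String uri) {
        RedirectServerLogoutSuccessHandler successHandler = new RedirectServerLogoutSuccessHandler();
        successHandler.setLogoutSuccessUrl(URI.create(uri));
        return successHandler;
    }

    /**
     * Provides an in-memory user store containing one {@code admin} account with the
     * {@code USER} and {@code ADMIN} roles.
     *
     * @return the reactive user details service backed by an in-memory map
     */
    @Bean
    public ReactiveUserDetailsService userDetailsService() {
        // Authorization data is held in memory only.
        // NOTE(review): the admin password is a hard-coded, trivially guessable literal that
        // is committed with the source. Acceptable for a local demo only; any real deployment
        // should load the credential from external configuration or a secret store.
        User.UserBuilder userBuilder = User.builder();
        UserDetails admin = userBuilder
                .username("admin")
                .password(passwordEncoder.encode("123456"))
                .roles("USER", "ADMIN")
                .build();
        // The original code also encoded the password a second time and wrote the hash to the
        // INFO log. That was removed: a BCrypt hash in a log file allows offline guessing by
        // anyone who can read the logs, and the value served no purpose at runtime.
        return new MapReactiveUserDetailsService(admin);
    }
}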
https://www.sudoinit5.com/post/spring-reactive-auth-forms/java