WebFlux Spring Security配置
最小化可运行配置
package com.terwergreen.bugucms.config;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
import java.net.URI;
/**
* @Author Terwer
* @Date 2018/6/22 15:55
* @Version 1.0
* @Description 安全授权配置
**/
@EnableWebFluxSecurity
public class SecurityConfig {
private Log logger = LogFactory.getLog(this.getClass());
@Autowired
PasswordEncoder passwordEncoder;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
logger.info("WebFlux Security begin");
return http
.authorizeExchange()
.pathMatchers("/admin/**")
.authenticated()
.pathMatchers("/**")
.permitAll()
.and()
.csrf()
//.csrfTokenRepository(customCsrfTokenRepository)
//.requireCsrfProtectionMatcher(customCsrfMatcher)
.and()
.formLogin()
//.loginPage("/login")
//.authenticationFailureHandler(new RedirectServerAuthenticationFailureHandler("/login?error"))
//.authenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler("/admin"))
.and()
.logout()
//.logoutUrl("/logout")
.logoutSuccessHandler(logoutSuccessHandler("/login?logout"))
.and()
.build();
}
public ServerLogoutSuccessHandler logoutSuccessHandler(String uri) {
RedirectServerLogoutSuccessHandler successHandler = new RedirectServerLogoutSuccessHandler();
successHandler.setLogoutSuccessUrl(URI.create(uri));
return successHandler;
}
@Bean
public ReactiveUserDetailsService userDetailsService() {
//内存中缓存权限数据
User.UserBuilder userBuilder = User.builder();
UserDetails admin = userBuilder.username("admin").password(passwordEncoder.encode("123456")).roles("USER", "ADMIN").build();
// 输出加密密码
String encodePassword = passwordEncoder.encode("123456");
logger.info("encodePassword:" + encodePassword);
return new MapReactiveUserDetailsService(admin);
}
}
参考
https://www.sudoinit5.com/post/spring-reactive-auth-forms/
WebFlux Spring Security配置的更多相关文章
- spring boot 之 spring security 配置
Spring Security简介 之前项目都是用shiro,但是时过境迁,spring security变得越来越流行.spring security的前身是Acegi, acegi 我也玩过,那都 ...
- spring security 配置多个AuthenticationProvider
前言 发现很少关于spring security的文章,基本都是入门级的,配个UserServiceDetails或者配个路由控制就完事了,而且很多还是xml配置,国内通病...so,本文里的配置都是 ...
- Spring学习日志之Spring Security配置
依赖引入 <dependency> <groupId>org.springframework.security</groupId> <artifactId&g ...
- Spring Security配置
更加优雅地配置Spring Securiy(使用Java配置和注解):https://www.cnblogs.com/xxzhuang/p/5960001.html 采用注解方式实现security: ...
- Spring Security配置个过滤器也这么卷
以前胖哥带大家用Spring Security过滤器实现了验证码认证,今天我们来改良一下验证码认证的配置方式,更符合Spring Security的设计风格,也更加内卷. CaptchaAuthent ...
- spring mvc 和spring security配置 web.xml设置
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://xmln ...
- 通过 Spring Security配置 解决X-Frame-Options deny 造成的页面空白 iframe调用问题
spring Security下,X-Frame-Options默认为DENY,非Spring Security环境下,X-Frame-Options的默认大多也是DENY,这种情况下,浏览器拒绝当前 ...
- spring mvc 和spring security配置 spring-servlet.xml和spring-security.xml设置
spring-servlet.xml配置 <?xml version="1.0" encoding="UTF-8"?> <beans xmln ...
- 最简单的Spring Security配置示例
代码结构: pom.xml <?xml version="1.0" encoding="UTF-8"?> <project xmlns=&qu ...
随机推荐
- NetBpm XML解读(5)
原文: nPdl的翻译 在看NetBPM的nPdl文档时做了个翻译,一来是让自己能更好的理解nPdl,二来是希望能得到关心NetBPM的同志的指导. 由于对工作流不熟悉,所以有不少术语翻译没有把 ...
- 在MVC中实现和网站不同服务器的批量文件下载以及NPOI下载数据到Excel的简单学习
嘿嘿,我来啦,最近忙啦几天,使用MVC把应该实现的一些功能实现了,说起来做项目,实属感觉蛮好的,即可以学习新的东西,又可以增加自己之前知道的知识的巩固,不得不说是双丰收啊,其实这周来就开始面对下载在挣 ...
- Android自定义字体
1.在assets中创建文件夹fonts,放入字体文件.ttf 2.使用实例: TextView tv= (TextView)findViewById(R.id.tv); Typeface tf = ...
- delphixe10 android操作 打电话,摄像头,定位等
XE6 不支持JStringToString.StringTojString.StrToJURI:use Androidapi.Helpers //Splash Image Delphi XE5,XE ...
- cxGrid使用汇总4
1. CxGrid汇总功能 ① OptionsView-Footer设置为True,显示页脚 ② CxGrid的Summary选项卡定义要汇总的列和字段名及汇总方式,Footer选项卡定义 ...
- java基础---->使用Itext生成数据库文档
这里简单的介绍一下使用Itext生成数据库表的文档.于是我们领教了世界是何等凶顽,同时又得知世界也可以变得温存和美好. 生成数据库的文档 一.maven项目需要引入的jar依赖 <depende ...
- Node.js- sublime搭建node的编译环境
自动配置: 1.安装package control(见 http://www.cnblogs.com/padding1015/p/7763014.html) 2.sublime编辑器中,按快捷键:ct ...
- javascript取querystring,存储为hash
function getUrlVars() { var vars = [], hash; var hashes = window.location.href.slice(window.location ...
- java(6) ArrayList源码
系统环境: JDK 1.7 成员变量 //默认的初始化数组大小 private static final int DEFAULT_CAPACITY = 10; //空的对象数组 private sta ...
- java(1) 编程基础
1.classpath 环境变量 * 当java虚拟机需要运行一个类时,会在classpath 环境变量中所定义的路径下寻找所需的class文件 2.java 的基本语法 * java 语言是严格区分 ...