Spring Security is extremely flexible and is capable of authenticating users against virtually any data store. Several common user store situations—such as in-memory, relational database, and LDAP —are provided out of the box. But you can also create and plug in custom user store implementations.Spring Security’s Java configuration makes it easy to configure one or more data store options.

一、Working with an in-memory user store

1.Since your security configuration class extends WebSecurityConfigurerAdapter , the easiest way to configure a user store is to override the configure() method that takes an AuthenticationManagerBuilder as a parameter. AuthenticationManagerBuilder has several methods that can be used to configure Spring Security’s authentication

support. With the inMemoryAuthentication() method, you can enable and configure and optionally populate an in-memory user store.

 package spitter.config;

 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.context.annotation.Configuration;

 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

 import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

 @Configuration

 @EnableWebMvcSecurity

 public class SecurityConfig extends WebSecurityConfigurerAdapter {

     @Override

     protected void configure(AuthenticationManagerBuilder auth)

     throws Exception {

         auth

             .inMemoryAuthentication() //Enable an in-memory user store.

             .withUser("user").password("password").roles("USER").and()

             .withUser("admin").password("password").roles("USER", "ADMIN");

     }

 }

calling inMemoryAuthentication() will enable an in-memory user store. But you’ll also need some users in there, or else it’s as if you have no user store at all.Therefore, you need to call the withUser() method to add a new user to the in-
memory user store. The parameter given is the username. withUser() returns a UserDetailsManagerConfigurer.UserDetailsBuilder ,which has several methods for further configuration of the user, including password() to set the user’s password and roles() to give the user one or more role authorities.

2. UserDetailsManagerConfigurer.UserDetailsBuilder支的全部操作

值得注意的是,role()是调用authrities()实现的,上述代码与如下代码等效:

 auth

     .inMemoryAuthentication()

     .withUser("user").password("password")

     .authorities("ROLE_USER").and()

     .withUser("admin").password("password")

     .authorities("ROLE_USER", "ROLE_ADMIN");

SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. 关于css3 中filter的各种特效

    做项目时遇到了一个有趣的css特效. 目前各大浏览器对于css3的兼容已经非常好了,最新版本都可以支持css3,老版本的ie9以下的还是不支持,不过这不是重点,微软都准备放弃这些老古董了. 现在规范中 ...

  2. Spring事务配置的五种方式(转发)

    Spring事务配置的五种方式(原博客地址是http://www.blogjava.net/robbie/archive/2009/04/05/264003.html)挺好的,收藏转发 前段时间对Sp ...

  3. Windows下bmp文件格式

    6.1 BMP文件格式 6.1.1 简介 位图文件(Bitmap-File,BMP)格式是Windows采用的图像文件存储格式,在Windows环境下运行的所有图像处理软件都支持这种格式.Window ...

  4. L002-oldboy-mysql-dba-lesson02

            L002-oldboy-mysql-dba-lesson02 [root@web01 ~]# mysql -uroot -ptestpassword mysql> use mys ...

  5. php学习问题记录

    1.微信应用开发,Token认证失败,解决方法php页面加上一句代码: header('content-type:text');

  6. WinForms 小型HTML服务器

    最近教学,使用到了Apache和IIS,闲着无聊,有种想自己写个小服务器的冲动. 在网上找了半天的资料,最后终于搞定了,测试可以访问.效果图如下: 因为只是处理简单的请求,然后返回请求的页面,所以没有 ...

  7. Xcode更改配色方案

    更改配色方案:Xcode > PReferences > Fonts & Color /********************************************** ...

  8. CentOS 安装配置memcached (转)

    1.先下载memcached 和libevent. libevent 最新的稳定版: wget http://monkey.org/~provos/libevent-1.4.14b-stable.ta ...

  9. MySQL Connector Net连接vs2012问题

    最近做一.NET项目,数据库用到MySQL,可是在VS2012连接数据库是遇到问题,提示:Authentication with old password no longer supported, u ...

  10. WPF后台更换背景图-Background

    Uri uri = new Uri("Images/BACK.gif", UriKind.Relative);BitmapImage bimg = new BitmapImage( ...