Spring Security is extremely flexible and is capable of authenticating users against virtually any data store. Several common user store situations—such as in-memory, relational database, and LDAP —are provided out of the box. But you can also create and plug in custom user store implementations.Spring Security’s Java configuration makes it easy to configure one or more data store options.

一、Working with an in-memory user store

1.Since your security configuration class extends WebSecurityConfigurerAdapter , the easiest way to configure a user store is to override the configure() method that takes an AuthenticationManagerBuilder as a parameter. AuthenticationManagerBuilder has several methods that can be used to configure Spring Security’s authentication

support. With the inMemoryAuthentication() method, you can enable and configure and optionally populate an in-memory user store.

 package spitter.config;

 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.context.annotation.Configuration;

 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

 import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

 @Configuration

 @EnableWebMvcSecurity

 public class SecurityConfig extends WebSecurityConfigurerAdapter {

     @Override

     protected void configure(AuthenticationManagerBuilder auth)

     throws Exception {

         auth

             .inMemoryAuthentication() //Enable an in-memory user store.

             .withUser("user").password("password").roles("USER").and()

             .withUser("admin").password("password").roles("USER", "ADMIN");

     }

 }

calling inMemoryAuthentication() will enable an in-memory user store. But you’ll also need some users in there, or else it’s as if you have no user store at all.Therefore, you need to call the withUser() method to add a new user to the in-
memory user store. The parameter given is the username. withUser() returns a UserDetailsManagerConfigurer.UserDetailsBuilder ,which has several methods for further configuration of the user, including password() to set the user’s password and roles() to give the user one or more role authorities.

2. UserDetailsManagerConfigurer.UserDetailsBuilder支的全部操作

值得注意的是,role()是调用authrities()实现的,上述代码与如下代码等效:

 auth

     .inMemoryAuthentication()

     .withUser("user").password("password")

     .authorities("ROLE_USER").and()

     .withUser("admin").password("password")

     .authorities("ROLE_USER", "ROLE_ADMIN");

SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. (转)MSSQL 各个发行版本版本号以及Compact 版本号

    终于开始写博客了. 不要笑啊. 下面是MSSQL 的发行版本以及版本号.自己整理的. http://support.microsoft.com/kb/321185/zh-cn SQL Server 2 ...

  2. 第一个C++

    输入:cin>>(相当于scanf)   #include <iostream> using namespace std; int main() { int number;   ...

  3. preventDefault()、stopPropagation()、return false 之间的区别

    “return false”之所以被误用的如此厉害,是因为它看起来像是完成了我们交给它的工作,浏览器不会再将我们重定向到href中的链接,表单也不会被继续提交,但这么做到底有什么不对呢? 可能在你刚开 ...

  4. php验证码的简单例子

    php随机验证码: <?php      $image_width=140;      $image_height=50;      srand(microtime()*10000);      ...

  5. CodeIgniter 框架---学习笔记

    1.输出sql语句:echo $this->db->last_query();

  6. maven项目转eclipse工程的命令:eclipse.bat

    call mvn clean:clean call mvn eclipse:eclipse -DdownloadSources=true @pause 复制以上内容,保存为eclipse.bat 以后 ...

  7. C# 白话系列之——白话委托

    今天看到首页有个委托的文章,但大都写的太专业,而且没有实用的例子场景.正好昨天做了一个有关委托的功能,所以也来凑个热闹,用白话掰掰 一.委托是什么 我们都知道数据类型,简单点的如,想给一个变量赋值整数 ...

  8. EXTJS 4.2 资料 控件textfield中fieldLabel去掉冒号,控件label的长度

    代码: labelSeparator: '', // 去掉laebl中的冒号 labelWidth: 10,//控件label的长度

  9. POJ 2516 最小费用最大流

    每一种货物都是独立的,分成k次最小费用最大流即可! 1: /** 2: 因为e ==0 所以 pe[v] pe[v]^1 是两条相对应的边 3: E[pe[v]].c -= aug; E[pe[v]^ ...

  10. linq and rest api in sharepoint

    //1.make sure your application using the .net fromwork 3.5 //2.create entity classes using the instr ...