Spring Security is extremely flexible and is capable of authenticating users against virtually any data store. Several common user store situations—such as in-memory, relational database, and LDAP —are provided out of the box. But you can also create and plug in custom user store implementations.Spring Security’s Java configuration makes it easy to configure one or more data store options.

一、Working with an in-memory user store

1.Since your security configuration class extends WebSecurityConfigurerAdapter , the easiest way to configure a user store is to override the configure() method that takes an AuthenticationManagerBuilder as a parameter. AuthenticationManagerBuilder has several methods that can be used to configure Spring Security’s authentication

support. With the inMemoryAuthentication() method, you can enable and configure and optionally populate an in-memory user store.

 package spitter.config;

 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.context.annotation.Configuration;

 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

 import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

 @Configuration

 @EnableWebMvcSecurity

 public class SecurityConfig extends WebSecurityConfigurerAdapter {

     @Override

     protected void configure(AuthenticationManagerBuilder auth)

     throws Exception {

         auth

             .inMemoryAuthentication() //Enable an in-memory user store.

             .withUser("user").password("password").roles("USER").and()

             .withUser("admin").password("password").roles("USER", "ADMIN");

     }

 }

calling inMemoryAuthentication() will enable an in-memory user store. But you’ll also need some users in there, or else it’s as if you have no user store at all.Therefore, you need to call the withUser() method to add a new user to the in-
memory user store. The parameter given is the username. withUser() returns a UserDetailsManagerConfigurer.UserDetailsBuilder ,which has several methods for further configuration of the user, including password() to set the user’s password and roles() to give the user one or more role authorities.

2. UserDetailsManagerConfigurer.UserDetailsBuilder支的全部操作

值得注意的是,role()是调用authrities()实现的,上述代码与如下代码等效:

 auth

     .inMemoryAuthentication()

     .withUser("user").password("password")

     .authorities("ROLE_USER").and()

     .withUser("admin").password("password")

     .authorities("ROLE_USER", "ROLE_ADMIN");

SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. (转)Mysql数据库读写分离配置

    环境模拟 实现读写分离 减轻数据库的负荷 主服务器 master 10.0.0.12从服务器 slave 10.0.0.66 ------------------------------------- ...

  2. 使用python读写windows剪切板

    import win32clipboard as w import win32con base_addr = 0x8e00000 buffer_len = 0x123 def getText(): w ...

  3. Linux C 程序 获取目录信息(16)

    4.获取当前目录getcwd 会将当前工作目录绝对路径复制到参数buf所指的内存空间5.设置工作目录chdir6.获取目录信息opendir打开一个目录readdir读取目录中的内容  读取目录项信息 ...

  4. DTCMS展示一级栏目并展示各自栏目下的二级栏目

    c#代码中 <!--C#代码--> <%csharp%> string parent_id=DTRequest.GetQueryString("parent_id&q ...

  5. html5实现渐变效果

    <canvas id='test01'></canvas> <script> function draw25(id) { var canvas = document ...

  6. 設定 Bootstrap/SASS/Bower/gulp (Windows平台)

    請注意:在進行以下步驟前,你會需要先安裝git,可以參考這篇 git安裝教學 前言 時至今日,幾乎每個人都在討論bootstrap.less 或 sass.我們知道它們是比較新的前端技術,而且有開始愈 ...

  7. php Zend Opcache,xcache,eAccelerator缓存优化详解及对比

    XCACHE XCache 是一个开源的 opcode 缓存器/优化器, 这意味着他能够提高您服务器上的 PHP 性能. 他通过把编译 PHP 后的数据缓冲到共享内存从而避免重复的编译过程, 能够直接 ...

  8. 为 Web 设计师准备的 25+ 款扁平 UI 工具包

    Flat UI Kit by Riki Tanone (free) Flat UI Kit (PSD) by Devin Schulz (free) Eerste UI Kit (free) Metr ...

  9. C# 将list<>泛型集合 转化为 DataTable

    使用案例:将页面easy ui 中datagrid表格中的数据,存成json字符串, 通过ajax和ashx传入C#将string类型的json字符串解析成list<>泛型集合, 由于业务 ...

  10. oracle分页与rownum

    Oracle分页(limit方式的运用) Oracle不支持类似于 MySQL 中的 limit. 但你还是可以rownum来限制返回的结果集的行数. 第一种 select * from a_matr ...