Spring Security is extremely flexible and is capable of authenticating users against virtually any data store. Several common user store situations—such as in-memory, relational database, and LDAP —are provided out of the box. But you can also create and plug in custom user store implementations.Spring Security’s Java configuration makes it easy to configure one or more data store options.

一、Working with an in-memory user store

1.Since your security configuration class extends WebSecurityConfigurerAdapter , the easiest way to configure a user store is to override the configure() method that takes an AuthenticationManagerBuilder as a parameter. AuthenticationManagerBuilder has several methods that can be used to configure Spring Security’s authentication

support. With the inMemoryAuthentication() method, you can enable and configure and optionally populate an in-memory user store.

 package spitter.config;

 import org.springframework.beans.factory.annotation.Autowired;

 import org.springframework.context.annotation.Configuration;

 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

 import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;

 @Configuration

 @EnableWebMvcSecurity

 public class SecurityConfig extends WebSecurityConfigurerAdapter {

     @Override

     protected void configure(AuthenticationManagerBuilder auth)

     throws Exception {

         auth

             .inMemoryAuthentication() //Enable an in-memory user store.

             .withUser("user").password("password").roles("USER").and()

             .withUser("admin").password("password").roles("USER", "ADMIN");

     }

 }

calling inMemoryAuthentication() will enable an in-memory user store. But you’ll also need some users in there, or else it’s as if you have no user store at all.Therefore, you need to call the withUser() method to add a new user to the in-
memory user store. The parameter given is the username. withUser() returns a UserDetailsManagerConfigurer.UserDetailsBuilder ,which has several methods for further configuration of the user, including password() to set the user’s password and roles() to give the user one or more role authorities.

2. UserDetailsManagerConfigurer.UserDetailsBuilder支的全部操作

值得注意的是,role()是调用authrities()实现的,上述代码与如下代码等效:

 auth

     .inMemoryAuthentication()

     .withUser("user").password("password")

     .authorities("ROLE_USER").and()

     .withUser("admin").password("password")

     .authorities("ROLE_USER", "ROLE_ADMIN");

SPRING IN ACTION 第4版笔记-第九章Securing web applications-002-把用户数据存在memory里(AuthenticationManagerBuilder、 UserDetailsManagerConfigurer.UserDetailsBuilder)的更多相关文章

  1. SPRING IN ACTION 第4版笔记-第九章Securing web applications-003-把用户数据存在数据库

    一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To c ...

  2. SPRING IN ACTION 第4版笔记-第九章Securing web applications-001-SpringSecurity简介(DelegatingFilterProxy、AbstractSecurityWebApplicationInitializer、WebSecurityConfigurerAdapter、@EnableWebSecurity、@EnableWebMvcS)

    一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your ...

  3. SPRING IN ACTION 第4版笔记-第九章Securing web applications-011-把敏感信息请求转为https(requiresChannel())

    1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Overri ...

  4. SPRING IN ACTION 第4版笔记-第九章Securing web applications-010-拦截请求

    一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method ...

  5. SPRING IN ACTION 第4版笔记-第九章Securing web applications-008-使用非关系型数据库时如何验证用户(自定义UserService)

    一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mo ...

  6. SPRING IN ACTION 第4版笔记-第九章Securing web applications-007-设置LDAP server比较密码(contextSource、root()、ldif()、)

    一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is li ...

  7. SPRING IN ACTION 第4版笔记-第九章Securing web applications-004-对密码加密passwordEncoder

    一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored ...

  8. SPRING IN ACTION 第4版笔记-第九章Securing web applications-009-拦截请求()

    一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome ...

  9. SPRING IN ACTION 第4版笔记-第九章Securing web applications-006-用LDAP比较密码(passwordCompare()、passwordAttribute("passcode")、passwordEncoder(new Md5PasswordEncoder()))

    一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticatin ...

随机推荐

  1. 返璞归真vc++之感言

    本人自述,大专学历,感觉自己也属于好学型学生,历任班上学习委员3年有余,参与学校项目几多个,不知道不觉从11年毕业已有3个年头,3年来,不敢苟同自己的生活方式,奈何人生无奈..从刚开始的电子商务公司转 ...

  2. [转]C#发送Email邮件 (实例:QQ邮箱和Gmail邮箱)

    下面用到的邮件账号和密码都不是真实的,需要测试就换成自己的邮件账号. 需要引用:using System.Net.Mail;using System.Text;using System.Net; 程序 ...

  3. jquery实现抽奖转盘

    用jquery通过配置参数实现抽奖转盘 1.html代码 <!DOCTYPE html> <html lang="zh-CN"> <head> ...

  4. Python 三大神器

    Python 三大神器 Python 中有很多优秀的包,本文主要讲一下 pip, virtualenv, fabric 1. pip 用来包管理 文档:https://pip.pypa.io/en/l ...

  5. Mac OS X安装OpenCV 3.1.0

    在我的上一篇文章“”中已经介绍了Linux下OpenCV的安装配置方法,在这里仅仅记录Mac上相对于Linux的一点点差异. 1. 安装依赖包 Mac上安装软件包使用的工具是brew,用此来替代Ubu ...

  6. SQL做日历

    DECLARE @DATE DATETIME SET @DATE=GETDATE() SELECT SUN -DAY(@DATE),@DATE))=@DATE THEN '*' ELSE '' END ...

  7. 新贵HTML5,2016的发展方向会怎样?

    2014年下半年,微信捧火了HTML5小游戏,自此国内各行各业开始对HTML5保持高涨关注.2015年是国内HTML5行业迅速发展的一年,在媒体大肆渲染“互联网寒冬”之际,HTML5作品的生产数量和传 ...

  8. ECSHOP 支付宝发货确认接口,记录支付宝返回的交易号

    1,在order_info 数据表尾添加trade_no 字段 数据表尾怎么添加trade_no 字段 ECSHOP为了支付宝发货确认接口,需要记录支付宝返回的交易号 1,在order_info 数据 ...

  9. if...else..的错误用法

    1.最近在写js代码完成一个前段DOM操作的函数时,自己错误的使用了if..else..控制体.为什么是错误的呢?看看我的 代码你就明白了: document.getElementsByClassNa ...

  10. 种子填充找连通块 floodfill

    Description Due to recent rains, water has pooled in various places in Farmer John's field, which is ...