Java 如何将SpringWebSecurity配置添加到现有项目中

我想在现有的SpringRESTAPI项目中添加一个简单的WebSecurity配置适配器配置来测试它。但是当spring启动时，它不会加载配置。也许我需要将它添加到应用程序上下文中，但我不知道如何做

如果我做一个

curl localhost:8080/

总是得到一个未经授权的响应，那么我认为这不是在加载配置，为什么呢？或者，我应该如何加载它？ 在我在github上看到的所有不同的项目中，他们从来没有做过特殊的事情来加载它！这可能是因为它首先加载了一个经过修饰的servlet

这是简单的web安全配置：

@SuppressWarnings("SpringJavaAutowiringInspection")
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private UserDetailsService userDetailsService;

@Autowired
public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
    authenticationManagerBuilder
            .userDetailsService(this.userDetailsService)
            .passwordEncoder(passwordEncoder());
}

@Bean
public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
}

@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
    httpSecurity
            // we don't need CSRF because our token is invulnerable
            .csrf().disable()

            // don't create session
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()

            .authorizeRequests()
            //.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()

            // allow anonymous resource requests
            .antMatchers(
                    HttpMethod.GET,
                    "/",
                    "/*.html",
                    "/favicon.ico",
                    "/**/*.html",
                    "/**/*.css",
                    "/**/*.js",
                    "/**"
            ).permitAll()
            .antMatchers("/auth/**").permitAll()
            .anyRequest().authenticated();

    // disable page caching
    httpSecurity.headers().cacheControl();
}
}

这是我的申请表

@Configuration
@EnableConfigurationProperties
@ComponentScan(basePackageClasses = SimpleCORSFilter.class)
@EnableAutoConfiguration    org.springframework.boot.actuate.autoconfigure.ManagementSecurityAutoConfiguration.class})
@EntityScan(basePackages = "com.thing.model")
@RestController
public class Application {


    @Bean
    public FilterRegistrationBean filterRegistrationBean() {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
        registrationBean.setFilter(characterEncodingFilter);
        characterEncodingFilter.setEncoding("UTF-8");
        characterEncodingFilter.setForceEncoding(true);
        registrationBean.setOrder(Integer.MIN_VALUE);
        registrationBean.addUrlPatterns("/*");
        return registrationBean;
    }    




    public static void main(String[] args) {
                SpringApplication application = new SpringApplication(Application.class);
        SpringApplication.run(Application.class, args);
    }

    @RequestMapping("/")
    public String home() {
            return "Hello World";
    }

pom.xml依赖关系

       <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-tomcat</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-actuator</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.geotools</groupId>
        <artifactId>gt-referencing</artifactId>
        <version>8.2</version>
        <type>jar</type>
    </dependency>
    <dependency>
        <groupId>org.jsoup</groupId>
        <artifactId>jsoup</artifactId>
        <version>1.7.2</version>
        <type>jar</type>
    </dependency>
    <dependency>
        <groupId>org.postgresql</groupId>
        <artifactId>postgresql</artifactId>
        <version>9.3-1102-jdbc41</version>
    </dependency>
    <dependency>
        <groupId>org.yaml</groupId>
        <artifactId>snakeyaml</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>

org.springframework.boot
spring引导启动器数据jpa
org.springframework.boot
SpringBootStarterWeb
org.springframework.boot
弹簧启动机tomcat
假如
org.springframework.boot
弹簧靴起动器执行器
org.springframework.boot
弹簧起动试验
测试
org.geotools
gt引用
8.2
罐子
org.jsoup
jsoup
1.7.2
罐子
org.postgresql
postgresql
9.3-1102-jdbc41
org.yaml
毒蛇
org.springframework.boot
弹簧启动安全

我需要将WebSecurity配置添加到应用程序上下文中，在主类声明中添加这一行：

...
@Import(WebSecurityConfig.class)
public class Application   {
...

我做的另一件事是将SpringBoot升级到

1.4.3。发布

，并将主应用程序放在根文件夹中：

 <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>1.4.3.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
  </parent>

这会自动加载子文件夹中的所有

@Configuration

看看这个，了解如何在Spring项目中启用web安全性

@RunWith(SpringRunner.class)
@SpringBootTest
@AutoConfigureMockMvc
public class ClientResourceControllerTest {

在同样的问题上，上面的内容帮助了我

@RunWith(SpringRunner.class)
@SpringBootTest
@AutoConfigureMockMvc
public class ClientResourceControllerTest {