Spring security 只需要显示基本身份验证的spring security java配置示例
我当前的java安全配置如下所示:Spring security 只需要显示基本身份验证的spring security java配置示例,spring-security,Spring Security,我当前的java安全配置如下所示: @Configuration @EnableWebSecurity public class RootConfig extends WebSecurityConfigurerAdapter { @Override protected void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication()
@Configuration
@EnableWebSecurity
public class RootConfig extends WebSecurityConfigurerAdapter {
@Override
protected void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception
{
auth.inMemoryAuthentication()
.withUser("tester").password("passwd").roles("USER");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.anyRequest().authenticated()
.and()
.httpBasic();
}
}
当我使用浏览器执行GET请求时,我将得到一个错误403。
我希望得到一个浏览器弹出窗口,询问我的用户名/密码。
可能是什么问题?更新:这在Spring Security 3.2.0.RC1中已修复+ 这是Security Java配置中的一个bug,将在下一版本中解决。我已经创建了跟踪它。目前,解决方法是使用以下内容:
@Bean
public BasicAuthenticationEntryPoint entryPoint() {
BasicAuthenticationEntryPoint basicAuthEntryPoint = new BasicAuthenticationEntryPoint();
basicAuthEntryPoint.setRealmName("My Realm");
return basicAuthEntryPoint;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.exceptionHandling()
.authenticationEntryPoint(entryPoint())
.and()
.authorizeUrls()
.anyRequest().authenticated()
.and()
.httpBasic();
}
PS:感谢您尝试SpringSecurityJava配置!保持反馈:)使用Spring Security 4.2.3,可能在您可以简单地使用此配置之前:
@Configuration
@EnableWebSecurity
public class CommonWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
@Autowired
public void dlcmlUserDetails(final AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("tom").password("111").roles("USER");
}
}