Spring数据REST密钥斗篷-保护REST端点的最佳方法?
当使用KeyClope保护Spring数据REST应用程序时,Spring安全性允许通过如下方式使配置类扩展Spring数据REST密钥斗篷-保护REST端点的最佳方法?,spring,spring-boot,spring-security,spring-data-rest,keycloak,Spring,Spring Boot,Spring Security,Spring Data Rest,Keycloak,当使用KeyClope保护Spring数据REST应用程序时,Spring安全性允许通过如下方式使配置类扩展KeyClope WebSecurity配置适配器并覆盖configure(HttpSecurity)来保护REST端点: @Configuration @EnableWebSecurity @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class) @EnableGlobalMethodSecurity(pr
KeyClope WebSecurity配置适配器并覆盖configure(HttpSecurity)
来保护REST端点:
@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/customers/**").hasRole("view-customers")
.antMatchers(HttpMethod.POST, "/customers/**").hasRole("create-customers")
.antMatchers(HttpMethod.PATCH, "/customers/**").hasRole("edit-customers")
.anyRequest().authenticated();
}
}
但是像这样硬编码会给将来的改变带来困难。有更好的方法吗