Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/13.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring数据REST密钥斗篷-保护REST端点的最佳方法?_Spring_Spring Boot_Spring Security_Spring Data Rest_Keycloak - Fatal编程技术网
Fatal编程技术网
  • spring/
  • Spring数据REST密钥斗篷-保护REST端点的最佳方法?

Spring数据REST密钥斗篷-保护REST端点的最佳方法?

spring spring-boot spring-security keycloak

Spring数据REST密钥斗篷-保护REST端点的最佳方法?,spring,spring-boot,spring-security,spring-data-rest,keycloak,Spring,Spring Boot,Spring Security,Spring Data Rest,Keycloak,当使用KeyClope保护Spring数据REST应用程序时,Spring安全性允许通过如下方式使配置类扩展KeyClope WebSecurity配置适配器并覆盖configure(HttpSecurity)来保护REST端点: @Configuration @EnableWebSecurity @ComponentScan(basePackageClasses = KeycloakSecurityComponents.class) @EnableGlobalMethodSecurity(pr

当使用KeyClope保护Spring数据REST应用程序时,Spring安全性允许通过如下方式使配置类扩展
KeyClope WebSecurity配置适配器并覆盖
configure(HttpSecurity)
来保护REST端点:


@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

   protected void configure(HttpSecurity http) throws Exception {
          super.configure(http);
          http
          .authorizeRequests()
          .antMatchers(HttpMethod.GET, "/customers/**").hasRole("view-customers")
          .antMatchers(HttpMethod.POST, "/customers/**").hasRole("create-customers")
          .antMatchers(HttpMethod.PATCH, "/customers/**").hasRole("edit-customers")
          .anyRequest().authenticated();
            }
        }


但是像这样硬编码会给将来的改变带来困难。有更好的方法吗