Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/13.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring 如何在inMemoryAuthentication builder生成后向其添加用户?_Spring_Spring Security_Spring Boot - Fatal编程技术网
Fatal编程技术网
  • spring/
  • Spring 如何在inMemoryAuthentication builder生成后向其添加用户?

Spring 如何在inMemoryAuthentication builder生成后向其添加用户?

spring spring-security spring-boot

Spring 如何在inMemoryAuthentication builder生成后向其添加用户?,spring,spring-security,spring-boot,Spring,Spring Security,Spring Boot,在应用程序的初始加载过程中,我已成功将所有用户加载到AuthenticationManagerBuilder中,但我需要在启动后添加用户 启动: public class WebSecurityConfig extends WebSecurityConfigurerAdapter ... auth.inMemoryAuthentication().withUser(email).password(password).roles(roles.toArray(new String[roles.s

在应用程序的初始加载过程中,我已成功将所有用户加载到AuthenticationManagerBuilder中,但我需要在启动后添加用户

启动:

public class WebSecurityConfig extends WebSecurityConfigurerAdapter

...

auth.inMemoryAuthentication().withUser(email).password(password).roles(roles.toArray(new String[roles.size()])).and().passwordEncoder(encoder());
这在某个时间点上非常有效,但我有一个用例,可以在应用程序运行时添加用户

启动后(通过控制器/服务)我可以通过哪种方法执行此操作?我想它可能是MemoryUserDetailsManager中的
(它包含
createUser()
方法),但我不确定如何引用或配置它。
以下代码将满足您的要求:


@Configuration
@EnableWebMvcSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //whatever here
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(inMemoryUserDetailsManager());
    }

    @Bean
    public InMemoryUserDetailsManager inMemoryUserDetailsManager() {
        final Properties users = new Properties();
        users.put("user","pass,ROLE_USER,enabled"); //add whatever other user you need
        return new InMemoryUserDetailsManager(users);
    }

}


使用上面配置的
InMemoryUserDetailsManager
超级简单控制器,只需添加并检查用户是否存在,如下所示:


@RestController
@RequestMapping("user")
public class SimpleSecurityController {

    private final InMemoryUserDetailsManager inMemoryUserDetailsManager;

    @Autowired
    public SimpleSecurityController(InMemoryUserDetailsManager inMemoryUserDetailsManager) {
       this.inMemoryUserDetailsManager = inMemoryUserDetailsManager;
    }

    @RequestMapping("exists/{username}")
    public boolean userExists(@PathVariable("username") String username ) {
        return inMemoryUserDetailsManager.userExists(username);
    }

    @RequestMapping("add/{username}/{password}")
    public String add(@PathVariable("username") String username, @PathVariable("password") String password) {
        inMemoryUserDetailsManager.createUser(new User(username, password, new ArrayList<GrantedAuthority>()));
        return "added";
    }
}


防止Spring Boot尝试自动配置安全性

更新
正如@AdamMichalik所指出的,
@EnableWebMvcSecurity
已被弃用,应替换为
@EnableWebSecurity
我更改了此代码:


inMemoryUserDetailsManager.createUser(new User(username, password, new ArrayList<GrantedAuthority>()));


因为默认情况下,新用户没有任何权限


inMemoryUserDetailsManager.createUser(new User(username, password, new ArrayList<GrantedAuthority>()));



inMemoryUserDetailsManager.createUser(User.withUsername(username).password(password).roles("USER").build());