zoukankan      html  css  js  c++  java
  • Spring Security 自定义配置(1)

    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    
        //ip认证者配置
        @Bean
        IpAuthenticationProvider ipAuthenticationProvider() {
            return new IpAuthenticationProvider();
        }
    
        //配置封装ipAuthenticationToken的过滤器
        IpAuthenticationProcessingFilter ipAuthenticationProcessingFilter(AuthenticationManager authenticationManager) {
            IpAuthenticationProcessingFilter ipAuthenticationProcessingFilter = new IpAuthenticationProcessingFilter();
            //为过滤器添加认证器
            ipAuthenticationProcessingFilter.setAuthenticationManager(authenticationManager);
            //重写认证失败时的跳转页面
            ipAuthenticationProcessingFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/ipLogin?error"));
            return ipAuthenticationProcessingFilter;
        }
    
        //配置登录端点
        @Bean
        LoginUrlAuthenticationEntryPoint loginUrlAuthenticationEntryPoint(){
            LoginUrlAuthenticationEntryPoint loginUrlAuthenticationEntryPoint = new LoginUrlAuthenticationEntryPoint
                    ("/ipLogin");
            return loginUrlAuthenticationEntryPoint;
        }
    
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .authorizeRequests()
                    .antMatchers("/", "/home").permitAll()
                    .antMatchers("/ipLogin").permitAll()
                    .anyRequest().authenticated()
                    .and()
                .logout()
                    .logoutSuccessUrl("/")
                    .permitAll()
                    .and()
                .exceptionHandling()
                    .accessDeniedPage("/ipLogin")
                    .authenticationEntryPoint(loginUrlAuthenticationEntryPoint())
            ;
    
            //注册IpAuthenticationProcessingFilter  注意放置的顺序 这很关键
            http.addFilterBefore(ipAuthenticationProcessingFilter(authenticationManager()), UsernamePasswordAuthenticationFilter.class);
    
        }
    
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.authenticationProvider(ipAuthenticationProvider());
        }
    
    }
    
  • 相关阅读:
    redis持久化,主从及数据备份
    验证redis的快照和AOF
    Erlang中日志管理
    erlang tcp发包速度测试
    树(234树插入查找显示)
    JDBC(初步试用)
    树(二叉树的插入删除查找遍历)
    哈希表(链地址法插入删除)
    哈希表-再哈希法插入删除
    哈希表-线性探测插入删除
  • 原文地址:https://www.cnblogs.com/leihuazhe/p/7846266.html
Copyright © 2011-2022 走看看