1. 首页
  2. 问题
  3. Spring Boot 2安全性基本认证
小编典典

Spring Boot 2安全性基本认证

spring-boot

为什么以下基本安全配置不适用于inMemoryAuthentication()子句?

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .httpBasic()
            .and()
            .authorizeRequests()
            .anyRequest().authenticated();
        super.configure(http);
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("username").password("password");
        super.configure(auth);
    }

}

在应用程序初始化之后,仍然只有userSpring本身生成默认值,没有喜欢的用户username


阅读 342

收藏
2020-05-30

共1个答案

小编典典

不要从调用超级方法void configure(AuthenticationManagerBuilder auth)。它设置disableLocalConfigureAuthenticationBldr标志true导致您AuthenticationManagerBuilder被忽略。最后,您的void configure(AuthenticationManagerBuilder auth)方法应如下所示:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication()
            .withUser("username").password("password").roles("USER");
}
2020-05-30