第七色在线视频,2021少妇久久久久久久久久,亚洲欧洲精品成人久久av18,亚洲国产精品特色大片观看完整版,孙宇晨将参加特朗普的晚宴

為了賬號(hào)安全,請(qǐng)及時(shí)綁定郵箱和手機(jī)立即綁定
已解決430363個(gè)問(wèn)題,去搜搜看,總會(huì)有你想問(wèn)的

模塊化 Spring Security SecurityWebFilterChain

模塊化 Spring Security SecurityWebFilterChain

眼眸繁星 2023-02-16 16:47:00
我們的 Spring Security 配置文件越來(lái)越大,我們想將它分解成更小的部分?,F(xiàn)在我們有以下內(nèi)容:public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {    http.securityMatcher(ServerWebExchangeMatchers.pathMatchers("/api/**"))            .authenticationManager(this.authenticationManager);    http.authorizeExchange()            .pathMatchers(HttpMethod.GET, "/api/serviceA/**")            .hasAuthority("PROP_A");    http.authorizeExchange()            .pathMatchers(HttpMethod.GET, "/api/serviceB/**")            .hasAuthority("PROP_B");    http.authorizeExchange().pathMatchers(HttpMethod.POST, "/api/login", "/api/logout", "/api/forgotPassword", "/api/confirmForgotPassword").permitAll();    http.csrf()            .disable()            .formLogin()            .authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED))            .requiresAuthenticationMatcher(                    ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/api/login"))            .authenticationFailureHandler(CustomSpringSecurity::onAuthenticationFailure)            .authenticationSuccessHandler(CustomSpringSecurity::onAuthenticationSuccess)            .and()            .logout()            .logoutUrl("/api/logout")            .logoutSuccessHandler(new CustomLogoutSuccessHandler(HttpStatus.OK));    final SecurityWebFilterChain build = http.build();我們想用它securityMatcher來(lái)突破/api/seviceA/**并/api/seviceB/**擁有自己的SecurityWebFilterChain @Beans。但是,我們遇到的問(wèn)題是配置中存在額外的配置。我們希望最終結(jié)果如下所示。    public SecurityWebFilterChain securityWebFilterChainForServiceA(ServerHttpSecurity http) {        http.securityMatcher(ServerWebExchangeMatchers.pathMatchers("/api/serviceA/**"));        http.authorizeExchange()                .pathMatchers(HttpMethod.GET, "/api/serviceA/**")                .hasAuthority("PROP_A");        return http.build();    }我們希望端點(diǎn)的所有其他配置都是隱式的。Spring Security 怎么可能做這樣的模塊化呢?
查看完整描述

1 回答

?
慕容3067478

TA貢獻(xiàn)1773條經(jīng)驗(yàn) 獲得超3個(gè)贊

您可以像這樣指定一個(gè)接口:


    public interface HttpSecurityConfig {

        Consumer<ServerHttpSecurity> configuration();

    }

然后創(chuàng)建一個(gè)類,為每個(gè)端點(diǎn)實(shí)現(xiàn)它,您可以將其作為 bean 注入:


    @Component

    public class ServiceASecurityConfig implements HttpSecurityConfig {

        @Override

        public Consumer<ServerHttpSecurity> configuration() {

            return (http) -> {


                http.authorizeExchange()

                        .pathMatchers(HttpMethod.GET, "/api/serviceA/**")

                        .hasAuthority("PROP_A");

            };

        }

    }


    @Component

    public class ServiceBSecurityConfig implements HttpSecurityConfig {

        @Override

        public Consumer<ServerHttpSecurity> configuration() {

            return (http) -> {


                http.authorizeExchange()

                        .pathMatchers(HttpMethod.GET, "/api/serviceB/**")

                        .hasAuthority("PROP_B");

            };

        }

    }


最后修改你的SecurityWebFilterChain所以它注入所有類型的beanHttpSecurityConfig并應(yīng)用配置,就像這樣:


public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http, final List<HttpSecurityConfig> httpConfigurations) {

    http.securityMatcher(ServerWebExchangeMatchers.pathMatchers("/api/**"))

            .authenticationManager(this.authenticationManager);


    // This line replaces the individual configurations in your original question

    httpConfigurations.forEach(config -> config.configuration().accept(http));


    http.authorizeExchange().pathMatchers(HttpMethod.POST, "/api/login", "/api/logout", "/api/forgotPassword", "/api/confirmForgotPassword").permitAll();


    http.csrf()

            .disable()

            .formLogin()

            .authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED))

            .requiresAuthenticationMatcher(

                    ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/api/login"))

            .authenticationFailureHandler(CustomSpringSecurity::onAuthenticationFailure)

            .authenticationSuccessHandler(CustomSpringSecurity::onAuthenticationSuccess)

            .and()

            .logout()

            .logoutUrl("/api/logout")

            .logoutSuccessHandler(new CustomLogoutSuccessHandler(HttpStatus.OK));


    final SecurityWebFilterChain build = http.build();


    build

            .getWebFilters()

            .collectList()

            .subscribe(

                    webFilters -> {

                        for (WebFilter filter : webFilters) {

                            if (filter instanceof AuthenticationWebFilter) {

                                AuthenticationWebFilter awf = (AuthenticationWebFilter) filter;

                                awf.setServerAuthenticationConverter(CustomSpringSecurity::convert);

                            }

                        }

                    });


    return build;

}


查看完整回答
反對(duì) 回復(fù) 2023-02-16
  • 1 回答
  • 0 關(guān)注
  • 362 瀏覽
慕課專欄
更多

添加回答

舉報(bào)

0/150
提交
取消
微信客服

購(gòu)課補(bǔ)貼
聯(lián)系客服咨詢優(yōu)惠詳情

 幫助反饋 APP下載

慕課網(wǎng)APP
您的移動(dòng)學(xué)習(xí)伙伴

 公眾號(hào)

掃描二維碼
關(guān)注慕課網(wǎng)微信公眾號(hào)