• Spring boot security rest basic Authentication example


    1. Maven dependency

    pom.xml

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.5.RELEASE</version>
        <relativePath />
    </parent>
     
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
    </dependencies>
    
     
    

     2. Configure WebSecurityConfigurerAdapter

    SecurityConfig.java

    package com.howtodoinjava.rest.config;
     
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
     
    @Configuration
    public class SecurityConfig extends WebSecurityConfigurerAdapter
    {
        @Override
        protected void configure(HttpSecurity http) throws Exception
        {
            http
             .csrf().disable()
             .authorizeRequests().anyRequest().authenticated()
             .and()
             .httpBasic();
        }
      
        @Autowired
        public void configureGlobal(AuthenticationManagerBuilder auth)
                throws Exception
        {
            auth.inMemoryAuthentication()
                .withUser("admin")
                .password("{noop}password")
                .roles("USER");
        }
    }
    

     3. Spring boot security rest basic authentication demo

    3.1. REST API

    EmployeeController.java

    @RestController
    @RequestMapping(path = "/employees")
    public class EmployeeController
    {
        @Autowired
        private EmployeeDAO employeeDao;
         
        @GetMapping(path="/", produces = "application/json")
        public Employees getEmployees()
        {
            return employeeDao.getAllEmployees();
        }
    }
    

     3.2. Access rest api without ‘authorization’ header

    get http://localhost:8080/employees/

    3.3. Access rest api with ‘authorization’ header

    HTTP GET http://localhost:8080/employees/  with header

  • 相关阅读:
    suse linux 下MYSQL 修改默认字符集
    检查oracle表空间使用情况
    SQL递归查询(SqlServer/ORACLE递归查询)[语法差异分析]
    ORA12519错误解决方案
    全表行转列——动态SQL
    MYSQL 远程连接错误ERROR 2013 (HY000): Lost connection to MySQL server at
    MYSQL根据字段名查询所属表
    ORA12516: TNS: 监听程序找不到符合协议堆栈要求的可用处理程错误解决方案
    suse linux 下取消mysql大小写敏感
    ORACLE根据字段名字查询所属表
  • 原文地址:https://www.cnblogs.com/chenqr/p/11144911.html
Copyright © 2020-2023  润新知