• WebFlux Spring Security配置


    最小化可运行配置

    package com.terwergreen.bugucms.config;
    
    import org.apache.commons.logging.Log;
    import org.apache.commons.logging.LogFactory;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
    import org.springframework.security.config.web.server.ServerHttpSecurity;
    import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
    import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
    import org.springframework.security.core.userdetails.User;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;
    import org.springframework.security.web.server.SecurityWebFilterChain;
    import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
    import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
    
    import java.net.URI;
    
    /**
     * @Author Terwer
     * @Date 2018/6/22 15:55
     * @Version 1.0
     * @Description 安全授权配置
     **/
    @EnableWebFluxSecurity
    public class SecurityConfig {
        private Log logger = LogFactory.getLog(this.getClass());
    
        @Autowired
        PasswordEncoder passwordEncoder;
    
        @Bean
        public PasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }
    
        @Bean
        public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
            logger.info("WebFlux Security begin");
            return http
                    .authorizeExchange()
                    .pathMatchers("/admin/**")
                    .authenticated()
                    .pathMatchers("/**")
                    .permitAll()
                    .and()
                    .csrf()
                    //.csrfTokenRepository(customCsrfTokenRepository)
                    //.requireCsrfProtectionMatcher(customCsrfMatcher)
                    .and()
                    .formLogin()
                    //.loginPage("/login")
                    //.authenticationFailureHandler(new RedirectServerAuthenticationFailureHandler("/login?error"))
                    //.authenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler("/admin"))
                    .and()
                    .logout()
                    //.logoutUrl("/logout")
                    .logoutSuccessHandler(logoutSuccessHandler("/login?logout"))
                    .and()
                    .build();
        }
    
        public ServerLogoutSuccessHandler logoutSuccessHandler(String uri) {
            RedirectServerLogoutSuccessHandler successHandler = new RedirectServerLogoutSuccessHandler();
            successHandler.setLogoutSuccessUrl(URI.create(uri));
            return successHandler;
        }
    
        @Bean
        public ReactiveUserDetailsService userDetailsService() {
            //内存中缓存权限数据
            User.UserBuilder userBuilder = User.builder();
            UserDetails admin = userBuilder.username("admin").password(passwordEncoder.encode("123456")).roles("USER", "ADMIN").build();
            // 输出加密密码
            String encodePassword = passwordEncoder.encode("123456");
            logger.info("encodePassword:" + encodePassword);
            return new MapReactiveUserDetailsService(admin);
        }
    }
    
    

    参考

    https://www.sudoinit5.com/post/spring-reactive-auth-forms/

  • 相关阅读:
    【Android學習專題】数据存储篇:SharedPreferences/Files/SDCard
    【My Sft】彩色图像分析软件V1.0.1.0
    【流媒體】Android 实时视频采集—Camera预览采集
    【流媒體】 Android 实时视频编码—H.264硬编码
    【资料整理】一些英语面试题整理
    【C/C++语法外功】sizeof
    【My Project】开关稳压电源第八届索尼杯全国大学生电子设计竞赛(2007)
    【Android學習專題】網絡通信篇:Socket TCP(简易聊天室)
    【Android學習專題】多媒體篇:MediaRecoder 实现录像机
    【流媒體】Android 实时视频采集—MediaRecoder录制
  • 原文地址:https://www.cnblogs.com/tangyouwei/p/10032668.html
Copyright © 2020-2023  润新知