传统spring web场景
1、pom.xml文件,引入Security
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
2、创建AppSecurityConfig配置类
注意了,web是两种模式,一种是Spring WebFlux响应式,一种是Spring Web传统模式
package com.atguigu.boot3_09_spring_security.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
@Configuration
@EnableWebFluxSecurity
public class AppSecurityConfig {
// Spring WebFlux
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange(exchanges ->
exchanges.pathMatchers("/").permitAll() // pathMatchers() 设置路劲,permitAll() 不需要验证
.anyExchange().authenticated() //anyExchange() 所有的路劲,authenticated() 需要验证
);
//http.formLogin(); //验证登录页面 自Security版本 6.1 起已弃用并标记为移除
return http.build();
}
// Spring Web
// @Bean
// DefaultSecurityFilterChain securityWebFilterChain(HttpSecurity http) throws Exception {
// http.authorizeHttpRequests(registry ->
// registry.requestMatchers("/").permitAll() // requestMatchers() 设置路劲,permitAll() 不需要验证
// .anyRequest().authenticated() //anyRequest() 所有的路劲,authenticated() 需要验证
// );
// http.formLogin(form -> form.loginPage("/login")); //验证登录页面 自Security版本 6.1 起已弃用并标记为移除
// return http.build();
// }
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
