如何用 Spring Boot 安全功能替换 Basic auth？

1回答

慕斯王

您可以按照以下步骤从 Spring Boot 中删除现有的基本身份验证吗在 Spring Boot 中，我们可以通过配置实用程序类 WebSecurityConfigurerAdapter 来启用 BasicAuth，并且当您配置它时，您将允许在访问应用程序中的任何配置的 URL（或所有 url）之前进行身份验证。脚步您必须删除 WebSecurityConfigurerAdapter 扩展类我将附上它的样子@Configurationpublic class EnablingSecutiry extends WebSecurityConfigurerAdapter{&nbsp; &nbsp; @Override&nbsp; &nbsp; protected void configure(HttpSecurity http) throws Exception&nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; http&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;.csrf().disable()&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;.authorizeRequests().anyRequest().authenticated()&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;.and()&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;.httpBasic();&nbsp; &nbsp; }&nbsp; &nbsp; @Autowired&nbsp; &nbsp; public void configureGlobal(AuthenticationManagerBuilder auth)&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; throws Exception&nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; auth.inMemoryAuthentication()&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .withUser("admin")&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .password("{noop}password")&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .roles("USER");&nbsp; &nbsp; }}脚步从 POM 文件中删除依赖项&nbsp;<dependency>&nbsp; &nbsp; &nbsp; &nbsp; <groupId>org.springframework.boot</groupId>&nbsp; &nbsp; &nbsp; &nbsp; <artifactId>spring-boot-starter-security</artifactId>&nbsp; &nbsp; </dependency>

0

0

0