我需要使用这样的URL访问我的spring boot应用程序:https:// username:password @ IpServer /
我已经实现了https协议,但是这里的问题是如何添加用户并通过url传递
通常,我使用以下URL访问我的应用程序:https:// @ IpServer /
我需要面对这个话题的任何人的帮助
我终于注意到,Spring boot集成了这个apache选项,在您像这样修改应用程序属性后,还应该添加用于Spring安全性的Security依赖项(也适用于https协议):
# Define a custom port instead of the default 8080
server.port=443
#Define http server
#http.port=8080
# Tell Spring Security (if used) to require requests over HTTPS
security.require-ssl=true
# The format used for the keystore
server.ssl.key-store-type=PKCS12
# The path to the keystore containing the certificate
server.ssl.key-store=classpath:keystore.p12
# The password used to generate the certificate
server.ssl.key-store-password=keycertifpass
# The alias mapped to the certificate
server.ssl.key-alias=tomcat
之后,在新类中添加基本身份验证,这种身份验证负责添加用户并通过URL传递:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import com.project.exception.CustomAuthenticationEntryPoint;
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomAuthenticationEntryPoint unauthorizedHandler;
/** Use Basic Authentication **/
@Override
public void configure(HttpSecurity http) throws Exception
{
http.httpBasic().realmName("user").and().authorizeRequests()
.antMatchers("/**").hasRole("user")
.and()
.csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth)
throws Exception
{
auth.inMemoryAuthentication()
.withUser("user").password(passwordEncoder().encode("pass")).roles("user");
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
对我来说,我已为authenticationEntryPoint自定义了错误处理,可以根据需要添加它,也可以不进行自定义,就可以自由使用。
我希望这个答案能帮助遇到相同问题的人们。
感谢大家。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句