下面列出了怎么用org.springframework.boot.autoconfigure.security.SecurityProperties的API类实例代码及写法,或者点击链接到github查看源代码。
/**
* 系统内置filter,优先级高于spring security的身份认证
* @return
*/
@Bean
public FilterRegistrationBean<WebThreadFilter> filterRegistrationBean(@SuppressWarnings("SpringJavaAutowiringInspection") Environment environment) {
FilterRegistrationBean<WebThreadFilter> registration = new FilterRegistrationBean<WebThreadFilter>();
registration.addUrlPatterns("/*");
WebThreadFilter filterProxy = new WebThreadFilter(filterDefs);
filterProxy.setEnvironment(environment);
registration.setFilter(filterProxy);
registration.setOrder(SecurityProperties.DEFAULT_FILTER_ORDER - 1);
return registration;
}
/**
* 系统内置filter,优先级高于spring security的身份认证
* @return
*/
@Bean
public FilterRegistrationBean<WebThreadFilter> filterRegistrationBean(@SuppressWarnings("SpringJavaAutowiringInspection") Environment environment) {
FilterRegistrationBean<WebThreadFilter> registration = new FilterRegistrationBean<WebThreadFilter>();
registration.addUrlPatterns("/*");
WebThreadFilter filterProxy = new WebThreadFilter(filterDefs);
filterProxy.setEnvironment(environment);
registration.setFilter(filterProxy);
registration.setOrder(SecurityProperties.DEFAULT_FILTER_ORDER - 1);
return registration;
}
@Bean
public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilterRegistration(
OAuth2ClientContextFilter filter, SecurityProperties security) {
FilterRegistrationBean<OAuth2ClientContextFilter> registration = new FilterRegistrationBean<>();
registration.setFilter(filter);
registration.setOrder(security.getFilter().getOrder() - 10);
return registration;
}
@Bean
public InMemoryUserDetailsManager inMemoryUserDetailsManager(
SecurityProperties properties,
ObjectProvider<PasswordEncoder> passwordEncoder) {
SecurityProperties.User user = properties.getUser();
List<String> roles = user.getRoles();
return new InMemoryUserDetailsManager(User.withUsername(user.getName())
.password(getOrDeducePassword(user, passwordEncoder.getIfAvailable()))
.roles(StringUtils.toStringArray(roles)).build());
}
private String getOrDeducePassword(SecurityProperties.User user,
PasswordEncoder encoder) {
if (encoder != null) {
return user.getPassword();
}
return "{noop}" + user.getPassword();
}
@Bean
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@ConditionalOnMissingBean(DefaultUrlSecurityConfigurer.class)
@Autowired
public DefaultUrlSecurityConfigurer defaultSecurityConfigurer(AccessDecisionManager accessDecisionManager){
return super.defaultSecurityConfigurer(accessDecisionManager);
}
@Bean
public FilterRegistrationBean<CorsFilter> corsFilterRegistration() {
FilterRegistrationBean<CorsFilter> filter = new FilterRegistrationBean<>();
CorsConfiguration config = new CorsConfiguration();
config.setAllowedOrigins(Collections.singletonList(CorsConfiguration.ALL));
config.setAllowedMethods(Collections.singletonList(CorsConfiguration.ALL));
config.setAllowedHeaders(Collections.singletonList(CorsConfiguration.ALL));
config.setAllowCredentials(true);
filter.setFilter(new CorsFilter(r -> config));
filter.setUrlPatterns(Collections.singleton("/*"));
filter.setOrder(SecurityProperties.DEFAULT_FILTER_ORDER - 1);
return filter;
}
@Autowired
public SecurityConfiguration(SecurityProperties securityProperties) {
this.securityProperties = securityProperties;
}
public SecurityController(SecurityProperties securityProperties) {
this.securityProperties = securityProperties;
}
@Bean
public SecurityController securityController(SecurityProperties securityProperties) {
return new SecurityController(securityProperties);
}
InMemoryUserManagementAutoConfiguration(final SecurityProperties securityProperties,
final MultiUserProperties multiUserProperties) {
this.securityProperties = securityProperties;
this.multiUserProperties = multiUserProperties;
}
@Bean
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@ConditionalOnMissingBean(DefaultMethodSecurityConfigurer.class)
public DefaultMethodSecurityConfigurer defaultSecurityConfigurer(){
return super.defaultSecurityConfigurer();
}