弹簧-安全5总是302
弹簧-安全5总是302
提问于 2018-07-31 13:42:49
我正在尝试测试使用标准Security保护的web,但是每当我登录到我的应用程序时,/test.html API总是返回302个重定向。用户名:管理员/密码:admin
package com.example.demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@SpringBootApplication
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
@RequestMapping("/hello")
public String hello() {
return "hello";
}
}package com.example.demo;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
@EnableWebSecurity
public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin()
.loginPage("/test.html").permitAll()
.loginProcessingUrl("/user/login")
.and()
.authorizeRequests()
.antMatchers("/test.html").permitAll()
.anyRequest()
.authenticated();
}
}package com.example.demo;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
@Component
public class UserDetailsServiceImpl implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
return new User("admin",
"$2a$10$vs7veyVUaqeGyVlxXpp94O7BcmzcF2HGUmH2va6XDVCj2mK8uFzRi",
AuthorityUtils.commaSeparatedStringToAuthorityList("admin"));
}
}回答 2
Stack Overflow用户
发布于 2019-11-14 18:30:34
您需要在.hasAnyRole之后放置,然后将用户的角色放在put之后,您需要放置.anyRequest().authenticated(),仅此而已
Stack Overflow用户
发布于 2021-10-22 12:22:09
将SecurityAutoConfiguration.class和ManagementWebSecurityAutoConfiguration.class排除在我的spring应用程序的主类之外。
import org.springframework.boot.SpringApplication;
import org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
@SpringBootApplication(exclude = {SecurityAutoConfiguration.class,
ManagementWebSecurityAutoConfiguration.class})
public class MainApplication implements WebMvcConfigurer {
public static void main(String[] args) {
SpringApplication.run(MainApplication.class, args);
}
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/51614847
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号