更新时间:2023-02-24 21:09:53
这是我基于注入的 userService 配置预认证安全性的方法:
This is my way to configure pre-auth security based on injected userService:
@Configuration
@EnableWebSecurity
@EnableWebMvcSecurity
@EnableGlobalMethodSecurity(jsr250Enabled = true, securedEnabled = true, prePostEnabled = true, proxyTargetClass = true)
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
private static final Logger LOG = Logger.getLogger(ApplicationSecurity.class.getName());
@Autowired
private UserService userService; // implements AuthenticationUserDetailsService...
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
LOG.info("configure autentication provider with custom userService");
PreAuthenticatedAuthenticationProvider paaProvider = new PreAuthenticatedAuthenticationProvider();
paaProvider.setPreAuthenticatedUserDetailsService(userService);
auth.authenticationProvider(paaProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
LOG.info("configure autentication filter");
// ...
}
}