spring-security

问题 I override configure(HttpSecurity http) method in SampleSecurityConfig Class like this @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/delete/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .formLogin().and().httpBasic(); } If i don't use httpBasic method, it seems no problem occurred. what does httpBasic method exactly do? 回答1: Calling this method on HttpSecurity will enable Http Basic Authentication for your

问题 I have the below spring configuration :- static SessionRegistry SR; @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/", "/forgotPwd", "/resetPwd").permitAll() .anyRequest().authenticated().and().formLogin().loginPage("/login") .defaultSuccessUrl("/home").failureUrl("/login?error").permitAll() .successHandler(authenticationSuccessHandler) // autowired or defined below .and().logout() .logoutRequestMatcher(new

问题 I need it to access 2 different schema's in one database(MySQL). I wrote two config classes here: package twodb.webfi.config; import java.util.Properties; import javax.persistence.EntityManagerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration;

问题 Might be the question is already answered before but I cant find any answer for my problem so I ask you my question. I am trying to implement SAML2 based SSO with OKTA. For that purpose I created a dev account at oktapreviw. I downloaded spring securty saml2 example at this link http://projects.spring.io/spring-security-saml/#quick-start and by using this link https://docs.spring.io/spring-security-saml/docs/1.0.x/reference/html/chapter-idp-guide.html#d5e1816 I adopted my configuration and

问题 I am trying to add Facebook authorization using Spring Security in Spring Boot app. Currently, my problem is extracting data from Principal. Here is my security config: public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure (HttpSecurity http) throws Exception { http .csrf().disable() .antMatcher("/**") .authorizeRequests() .antMatchers("/", "/login**").permitAll() .anyRequest().authenticated() .and() .logout() .deleteCookies("JSESSIONID")

问题 I am trying to secure my service methods using @Secured as below: public interface IUserService { @Secured({"ROLE_ROLE1", "ROLE_ROLE2"}) ResponseEntity saveUser(CreateUserDtoRequest userDto); } I wanna know is there a way to define {"ROLE_ROLE1", "ROLE_ROLE2"} in a variable and read its value from a properties file? That would be great if you can suggest me a trick, to: remove repetition of {"ROLE_ROLE1", "ROLE_ROLE2"} in other methods In case of change in required roles to access a method in

问题 I am trying to secure my service methods using @Secured as below: public interface IUserService { @Secured({"ROLE_ROLE1", "ROLE_ROLE2"}) ResponseEntity saveUser(CreateUserDtoRequest userDto); } I wanna know is there a way to define {"ROLE_ROLE1", "ROLE_ROLE2"} in a variable and read its value from a properties file? That would be great if you can suggest me a trick, to: remove repetition of {"ROLE_ROLE1", "ROLE_ROLE2"} in other methods In case of change in required roles to access a method in

问题 I am trying to add Facebook authorization using Spring Security in Spring Boot app. Currently, my problem is extracting data from Principal. Here is my security config: public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure (HttpSecurity http) throws Exception { http .csrf().disable() .antMatcher("/**") .authorizeRequests() .antMatchers("/", "/login**").permitAll() .anyRequest().authenticated() .and() .logout() .deleteCookies("JSESSIONID")

问题 i have a class with the method: Code: List<Entity> getData() {...} and some classes which extends Entity: Project, Phase, Invoice, Payment. and i would like to do something like this: @PostFilter("filterObject instanseof Project ? filterObject.manager == principal : filterObject instanceof Phase ? filterObject.project.manager == principal : filterObject instanceof Invoice ? filterObject.phase.project == principal : filterObject instanceof Payment ? filterObject.invoice.phase.project.manager =

问题 i have a class with the method: Code: List<Entity> getData() {...} and some classes which extends Entity: Project, Phase, Invoice, Payment. and i would like to do something like this: @PostFilter("filterObject instanseof Project ? filterObject.manager == principal : filterObject instanceof Phase ? filterObject.project.manager == principal : filterObject instanceof Invoice ? filterObject.phase.project == principal : filterObject instanceof Payment ? filterObject.invoice.phase.project.manager =