spring-security

问题 I have a Spring boot application with Spring security. My problem is similar to this one, but in my case I want to redirect the user to the login page if he's not authenticated when he tries to access any page of the application. The following image shows the architecture of the application: My config class looks like this: @EnableWebSecurity @Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception {

问题 This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center. Closed 7 years ago . I'm beginner of Spring Framework. Me and my friend are writing our engineer thesis on Poznań University of Technology and we have a problem with Spring

问题 This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center. Closed 7 years ago . I'm beginner of Spring Framework. Me and my friend are writing our engineer thesis on Poznań University of Technology and we have a problem with Spring

问题 This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center. Closed 7 years ago . I'm beginner of Spring Framework. Me and my friend are writing our engineer thesis on Poznań University of Technology and we have a problem with Spring

问题 I’m trying to create a custom username password authentication filter since I need to validate passwords from two different sources. I’m using Spring Boot 1.2.1 and Java configuration. The error I get when deploying is Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'customUsernamePasswordAuthenticationFilter' defined in file [/Users/rjmilitante/Documents/eclipse-workspace/login-service/bin/com/elsevier/eols/loginservice

问题 I've got a Spring boot RESTful service with Spring security configured like so: protected void configure(HttpSecurity httpSecurity) throws Exception { httpSecurity.cors().and() /*.formLogin().loginPage("/auth") .permitAll().and() .authorizeRequests() .anyRequest() .authenticated() .and().httpBasic().and()*/ .csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) .and() .addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class); } & public class CsrfHeaderFilter extends

问题 How in Spring Security can I set a RememberMe cookie url path, that differs from the context path? Supposing my website's homepage url is (url rewrite): https://www.mysuperspecialdomain.com And that my login page has a url like this: https://www.mysuperspecialdomain.com/shop/account/login After succesful login the RememberMe cookie has the path /shop (visible in the browser, e.g. Chrome). This is the project's context path. This leads to the situation, that when I'm going to my homepage,

问题 I'm trying to move my project to Spring Boot 1.5.1 and right now my configuration of Outh2 + JWT tokens stopped working. Right now I receive 401 error while performing a following test: RestTemplate restTemplate = new RestTemplate(); CreateDecisionRequest decisionRequest = new CreateDecisionRequest(name, description, url, imageUrl, parentDecisionId, tenantId); HttpHeaders headers = new HttpHeaders(); headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON)); headers.add(SecurityTestUtils

问题 I've added Spring Security to my application. I am able to login fine but after I click logout, I'm then unable to login again. Here is my applicationContext-security.xml <http auto-config="true" access-denied-page="/accessDenied.html"> <intercept-url pattern="/login.html*" filters="none"/> <intercept-url pattern="/static/**" filters="none"/> <intercept-url pattern="/**" access="ROLE_USER" /> <form-login login-page="/login.html" authentication-failure-url="/login.html?login_error=1" default

问题 I am currently working on a simple role based access control in Spring. I am using an implementation of AccessDecisionVoter. So i wonder what is the Object o parameter in the public int vote(Authentication authentication, Object o, Collection<ConfigAttribute> configAttributes) { method? Spring documentation says it is "the secured object". I use intercept-urls and this voter gets called, so is it a controller? Or is it just a string of the url? Thanks in advance. 回答1: If you are using Spring