[精讚] [會員登入]
260

spring boot 3 建立 Basic Authentication

參考以下網站, 建立一個http basic authentication 為例 https://www.geeksfo

分享此文連結 //n.sfs.tw/16266

分享連結 spring boot 3 建立 Basic Authentication@igogo
(文章歡迎轉載,務必尊重版權註明連結來源)
2023-11-23 09:28:08 最後編修
2023-11-10 11:23:03 By igogo
 

 

 

 

參考以下網站, 建立一個http basic authentication 為例

https://www.geeksforgeeks.org/authentication-and-authorization-in-spring-boot-3-0-with-spring-security/

https://docs.spring.io/spring-security/reference/servlet/architecture.html#servlet-securityfilterchain

https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html

 

pom.xml

 <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

 

 

 

code

 

@SpringBootApplication
@RestController
public class BasicAuthApplication {

	public static void main(String[] args) {
		SpringApplication.run(BasicAuthApplication.class, args);
	}

	@RequestMapping("/")
	public String Index() {
		return "index page";
	}

	@Bean
	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

		http
				.authorizeHttpRequests((authorize) -> authorize
						.requestMatchers("/js/**").permitAll()
						.anyRequest().authenticated()
				)
				.csrf(c -> c.disable())
				.httpBasic(Customizer.withDefaults());


		return http.build();
	}

	@Bean
	public UserDetailsService userDetailsService() {
		User.UserBuilder users = User.withDefaultPasswordEncoder();
		UserDetails user =
				users
						.username("user")
                        .password("user")
						.roles("USER")
						.build();
		return new InMemoryUserDetailsManager(user);
	}

 

 

加入csrf

https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html#csrf-components

 

 

測試

 

@SpringBootTest
@AutoConfigureMockMvc
class BasicAuthApplicationTests {


	@Autowired
	private MockMvc mockMvc;


	@Test
	void shouldReturnDefaultMessage() throws Exception {

		MvcResult mvcResult = mockMvc
				.perform(get("/hello").with(httpBasic("user","user")))
				.andReturn();

		System.out.println(mvcResult.getResponse().getContentAsString());
	}


}

 

END

你可能感興趣的文章

download a file from spring boot controllers ownload a file from spring boot controllers

spring boot 3 建立 Basic Authentication 參考以下網站, 建立一個http basic authentication 為例 https://www.geeksfo

spring security 使用MD5 hash 認證 spring security 預設使用BCrypt , 但是舊的系統使用md5 hash, @Bean Passwor

我有話要說

>>

限制:留言最高字數1000字。 限制:未登入訪客,每則留言間隔需超過10分鐘,每日最多5則留言。

訪客留言

[無留言]

隨機好文

編碼的順序 utf8 big5

雲端校務系統與OPENLDAP帳號整合(1) 本文件目標是為做單一帳號整合, 使用校端更改密碼服務, 將雲端校務系統的帳密同步至校內LDAP server, 並讓SA

雲端校務系統與OPENLDAP帳號整合(3) 二 建置更改密碼服務 下載校端更改密碼程式: 連結 檢查是否安裝java 8 #java -version 安裝open

在docker裡跑spring boot+mongo(一) 系統安裝docker ce centos7 + docker ce https://docs.docker.com/in

tc web 問與答 Q. 填報網址 A. https://tiny.cc/tc-web Q. 出現了以下畫面, 怎麼辦 A. 建議瀏覽器開無