[精讚] [會員登入]
124

spring boot 3 建立 Basic Authentication

參考以下網站, 建立一個http basic authentication 為例 https://www.geeksfo

分享此文連結 //n.sfs.tw/16266

分享連結 spring boot 3 建立 Basic Authentication@igogo
(文章歡迎轉載,務必尊重版權註明連結來源)
2023-11-23 09:28:08 最後編修
2023-11-10 11:23:03 By igogo
 

 

 

 

參考以下網站, 建立一個http basic authentication 為例

https://www.geeksforgeeks.org/authentication-and-authorization-in-spring-boot-3-0-with-spring-security/

https://docs.spring.io/spring-security/reference/servlet/architecture.html#servlet-securityfilterchain

https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html

 

pom.xml

 <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

 

 

 

code

 

@SpringBootApplication
@RestController
public class BasicAuthApplication {

	public static void main(String[] args) {
		SpringApplication.run(BasicAuthApplication.class, args);
	}

	@RequestMapping("/")
	public String Index() {
		return "index page";
	}

	@Bean
	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

		http
				.authorizeHttpRequests((authorize) -> authorize
						.requestMatchers("/js/**").permitAll()
						.anyRequest().authenticated()
				)
				.csrf(c -> c.disable())
				.httpBasic(Customizer.withDefaults());


		return http.build();
	}

	@Bean
	public UserDetailsService userDetailsService() {
		User.UserBuilder users = User.withDefaultPasswordEncoder();
		UserDetails user =
				users
						.username("user")
                        .password("user")
						.roles("USER")
						.build();
		return new InMemoryUserDetailsManager(user);
	}

 

 

加入csrf

https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html#csrf-components

 

 

測試

 

@SpringBootTest
@AutoConfigureMockMvc
class BasicAuthApplicationTests {


	@Autowired
	private MockMvc mockMvc;


	@Test
	void shouldReturnDefaultMessage() throws Exception {

		MvcResult mvcResult = mockMvc
				.perform(get("/hello").with(httpBasic("user","user")))
				.andReturn();

		System.out.println(mvcResult.getResponse().getContentAsString());
	}


}

 

END

你可能感興趣的文章

spring security 使用MD5 hash 認證 spring security 預設使用BCrypt , 但是舊的系統使用md5 hash, @Bean Passwor

spring boot 3 建立 Basic Authentication 參考以下網站, 建立一個http basic authentication 為例 https://www.geeksfo

download a file from spring boot controllers ownload a file from spring boot controllers

我有話要說

>>

限制:留言最高字數1000字。 限制:未登入訪客,每則留言間隔需超過10分鐘,每日最多5則留言。

訪客留言

[無留言]

隨機好文

tmux 將終端機切割成多個視 窗 tmux, multiple terminal

[vue.js] input event Form-Input-Components-using-Custom-Events

vue.js component 在parent與child 傳值 component 在parent與child 傳值

00-F2 的 IPV6 反解設定 近日, 強者我的大神同事, line 傳來一句: igogo 上次你那個ipv6的設定檔 再幫我跑一次 如連結 程式都寫

windows ad 如何得知 dn 值 如何得知 windows ad 上的使用者dn 值 https://support.symantec.com/en_US