Ram*_*Ram 5 spring spring-mvc spring-security spring-security-ldap spring-boot
在 Spring security 中,我想对以 api/** 开头的 URL 使用基本身份验证,对于以 /ldap/ 开头的 URL 使用 LDAP Rest 身份验证。我的当前代码还允许使用基本身份验证的ldap/。
即使我将它们用作单独的 AuthenticationProviders(如 LdapAuthProvider 和 BasicAuthProvider),问题仍然存在,我如何使用它来指向特定的 url
@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
@Configuration
@Order(1)
public class BasicAuthenticationProvider extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/swagger-ui*", "/info", "/health").permitAll()
.and().authorizeRequests().antMatchers("/order/**").fullyAuthenticated()
.and().httpBasic().and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().csrf().disable()
.anonymous().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(inMemoryUserDetailsManager());
}
}
@Configuration
@Order(2)
public class LdapAuthenticationProvider extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/ldap/**").fullyAuthenticated().and().httpBasic()
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// auth.ldapAuthentication() code here......
}
}
}
| 归档时间: |
|
| 查看次数: |
1462 次 |
| 最近记录: |