小编Jsc*_*ery的帖子

我正在尝试创建一个项目来了解有关 Spring Security 的更多信息，并且尝试遵循从安全过滤器链 -> 身份验证管理器 -> 身份验证提供程序 -> UserDetailsS​​ervice -> DB开始的流程

我一直参考的流程：

我的安全配置：

@EnableWebSecurity
@Configuration
@RequiredArgsConstructor
public class SecurityConfig{
    DetailService userDetailService;

    @Bean
    public PasswordEncoder getPassWordEncoder() {
        return new BCryptPasswordEncoder(15);
    }

    @Bean
    DaoAuthenticationProvider authProvider(){
        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
        authProvider.setUserDetailsService(userDetailService);
        authProvider.setPasswordEncoder(getPassWordEncoder());
        return authProvider;
    }

    @Bean
    public ProviderManager authManagerBean(HttpSecurity security) throws Exception {
        return (ProviderManager) security.getSharedObject(AuthenticationManagerBuilder.class)
                .authenticationProvider(authProvider()).
                build();
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
        http.authorizeHttpRequests(authorize -> authorize.requestMatchers("/login/**", "/css/**", "/js/**", "/registration/**").permitAll()
                .anyRequest().authenticated())
                .csrf().disable()
                .formLogin(form -> form.loginPage("/login")
                .defaultSuccessUrl("/home")
                .failureForwardUrl("/login-failure?error=true"))
                .logout().permitAll(); …