2023年5月14日 03:02:20go评论39阅读模式

英文:

Spring Security Vaadin 24 not allow permitAll in configuration class but allow in on view level

问题

Here is the translated code portion:

package com.fractal.security;
import com.fractal.views.LoginView;
import com.fractal.views.about.AboutView;
import com.vaadin.flow.spring.security.VaadinWebSecurity;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@EnableWebSecurity
@Configuration
public class SecurityConfig extends VaadinWebSecurity {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests()
                .requestMatchers(new AntPathRequestMatcher("/**")).permitAll();
        super.configure(http);
        setLoginView(http, LoginView.class);

    }

    @Override
    protected void configure(WebSecurity web) throws Exception {
        web.ignoring().requestMatchers(
                "/VAADIN/**",
                "/favicon.ico",
                "/robots.txt",
                "/manifest.webmanifest",
                "/sw.js",
                "/offline.html",
                "/icons/**",
                "/images/**",
                "/styles/**",
                "/h2-console/**");
        super.configure(web);
    }

    @Bean
    UserDetailsManager userDetailsManager(){
        return new InMemoryUserDetailsManager(
                User.withUsername("test")
                        .password("{noop}test")
                        .roles("USER")
                        .build()

        );
    }
}

Please note that I've removed the HTML entities like " and replaced them with the actual characters to make the code more readable. If you have any further questions or need assistance with the code, feel free to ask.

英文:

package com.fractal.security;
import com.fractal.views.LoginView;
import com.fractal.views.about.AboutView;
import com.vaadin.flow.spring.security.VaadinWebSecurity;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@EnableWebSecurity
@Configuration
public class SecurityConfig extends VaadinWebSecurity {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeHttpRequests()
.requestMatchers(new AntPathRequestMatcher(&quot;/**&quot;)).permitAll();
super.configure(http);
setLoginView(http, LoginView.class);
}
@Override
protected void configure(WebSecurity web) throws Exception {
web.ignoring().requestMatchers(
&quot;/VAADIN/**&quot;,
&quot;/favicon.ico&quot;,
&quot;/robots.txt&quot;,
&quot;/manifest.webmanifest&quot;,
&quot;/sw.js&quot;,
&quot;/offline.html&quot;,
&quot;/icons/**&quot;,
&quot;/images/**&quot;,
&quot;/styles/**&quot;,
&quot;/h2-console/**&quot;);
super.configure(web);
}
@Bean
UserDetailsManager userDetailsManager(){
return new InMemoryUserDetailsManager(
User.withUsername(&quot;test&quot;)
.password(&quot;{noop}test&quot;)
.roles(&quot;USER&quot;)
.build()
);
}
}

> When i'am trying to open any url it is not loading the view. But if I will annotate the view .
> with @PermitAll annotation it will work. How to solve it on configuration class level
> How to fix it anybody can help me on it.

答案1

得分: 1

这正常运行。如果没有指定，默认情况下会假定@DenyAll。因此，您必须在那里使用@PermitAll、@AnonymousAllowed或@RolesAllowed之一。

英文:

This is working as expected. @DenyAll is the assumed default if there is nothing specified. So you must have either @PermitAll, @AnonymousAllowed or @RolesAllowed there.

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

Spring Security Vaadin 24 在配置类中不允许 permitAll，但允许在视图级别上设置。

问题

答案1

LDAP: error code 49 – 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 – using Spring tools

A Spring JDBC query hangs accessing a large table. Will the PagingAndSortingRepository in Spring Data JPA solve the problem?

How to configure Jackson deserializer for Retrofit2 responses via Jackson2ObjectMapperBuilderCustomizer class?

密码编码器匹配在Spring Boot中不起作用。

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论