英文:
Spring Boot Consider switching to 'HttpSecurity' Lambda DSL syntax
问题
以下是您提供的代码的翻译部分:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf().disable();
http.httpBasic().authenticationEntryPoint(new AuthEntryPoint());
http.authorizeHttpRequests()
.requestMatchers(HttpMethod.POST, "/api/1.0/auth").authenticated()
.and()
.authorizeHttpRequests().anyRequest().permitAll();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
请注意,我已经去掉了代码中的翻译部分,只保留了原始的Java代码。如果您有任何其他问题或需要进一步的帮助,请随时提问。
英文:
My code is here. new AuthEntryPoint() code error to Consider switching to 'HttpSecurity' Lambda DSL syntax. How can i solved. pls help me
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf().disable();
http.httpBasic().authenticationEntryPoint(new AuthEntryPoint());
http.authorizeHttpRequests()
.requestMatchers(HttpMethod.POST, "/api/1.0/auth").authenticated()
.and()
.authorizeHttpRequests().anyRequest().permitAll();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
i try google bard and chatgbt
答案1
得分: 1
请将上面的代码重写为以下类似的形式,不需要使用.and()
:
http
.cors(cors -> cors.disable())
.csrf(csrf -> csrf.disable())
.authorizeHttpRequests(authorizeRequests ->
authorizeRequests
.antMatchers("/admins-only/**").hasAuthority(ADMIN)
.antMatchers(HttpMethod.GET, "/**").permitAll()
.anyRequest().authenticated()
);
同样,您可以尝试不同的配置选项。
如果您特别需要为authEntryPoint
:
http
.httpBasic(withDefaults())
.authenticationEntryPoint(AuthEntryPoint::new);
英文:
Rewrite the above code similar to this and there will be no need of .and()
http.cors(cors -> cors.disable()).csrf(csrf -> csrf.disable())
.authorizeHttpRequests(authorizeRequests ->
authorizeRequests.antMatchers("/admins-only/**").hasAuthority(ADMIN)
.antMatchers(HttpMethod.GET, "/**").permitAll()
.anyRequest()
.authenticated());
Similarly, you can try for the different configurations you already have.
If you want specifically for authEntryPoint
http.httpBasic(withDefaults()).authenticationEntryPoint(AuthEntryPoint::new)
答案2
得分: 1
你的配置风格仍然有效且受支持。这是来自你的IDE的警告,而不是错误消息。添加Lambda表达式已经包含在Spring Security 5.2版本中,旨在提供更多灵活性,但它们的使用是可选的。
正如在文档中所述:
> Lambda DSL是为实现以下目标而创建的:
>
> - 自动缩进使配置更具可读性。
> - 无需使用 .and() 链接配置选项。
> - Spring Security DSL具有类似于其他Spring DSL(如Spring Integration和Spring Cloud Gateway)的配置风格。
查看Spring Blog中的文章 Spring Security - Lambda DSL 以获取更多信息。
英文:
your configuration style is still valid and supported. This is a warning from your IDE, not an error message. Adding lambdas was included in Spring Security 5.2 release and is intended to provide more flexibility, but their usage is optional.
As in the documentation:
> The Lambda DSL was created to accomplish to following goals:
>
> - Automatic indentation makes the configuration more readable.
> - The is no need to chain configuration options using .and().
> - The Spring Security DSL has a similar configuration style to other Spring DSLs such as Spring Integration and Spring Cloud Gateway.
Check the article Spring Security - Lambda DSL in Spring Blog for more information.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论