英文:
A qustion for WebSecurityConfigurerAdapter deprecated
问题
在新的Spring Security中,我应该如何替换以下代码:
``` java
@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userService).passwordEncoder(passwordEncoder).and().eraseCredentials(false); }
我希望得到最新的代码。
<details>
<summary>英文:</summary>
In new Spring Security, what should I do to replace these code follw:
``` java
@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userService).passwordEncoder(passwordEncoder).and().eraseCredentials(false); }
I hope to get the lasted code.
答案1
得分: 1
对于Spring Boot版本3,您可以参考我的代码:
@EnableWebSecurity
@Configuration
@RequiredArgsConstructor
public class SecurityConfig {
private final UserDetailServiceImpl userDetailsService;
private final BCryptPasswordEncoder encoder;
private final JwtFilter filter;
private final JwtAuthenticationEntryPoint point;
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf(csrf -> csrf.disable())
.authorizeRequests()
.requestMatchers("/category/add").authenticated()
.requestMatchers("/authenticate", "/register").permitAll()
.anyRequest().authenticated()
.and()
.exceptionHandling(ex -> ex.authenticationEntryPoint(point))
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
http.addFilterBefore(filter, UsernamePasswordAuthenticationFilter.class);
return http.build();
}
@Bean
public AuthenticationManager authenticationManager() throws Exception {
return new CustomAuthenticationManager();
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userDetailsService);
authenticationProvider.setPasswordEncoder(encoder);
return authenticationProvider;
}
}
public class CustomAuthenticationManager implements AuthenticationManager {
@Autowired
private DaoAuthenticationProvider authenticationProvider;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
return authenticationProvider.authenticate(authentication);
}
}
CustomAuthentcationManager:
public class CustomAuthenticationManager implements AuthenticationManager {
@Autowired
private DaoAuthenticationProvider authenticationProvider;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
return authenticationProvider.authenticate(authentication);
}
}
英文:
For spring boot version 3 you can refer my code :
@EnableWebSecurity
@Configuration
@RequiredArgsConstructor
public class SecurityConfig {
private final UserDetailServiceImpl userDetailsService;
private final BCryptPasswordEncoder encoder;
private final JwtFilter filter;
private final JwtAuthenticationEntryPoint point;
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf(csrf -> csrf.disable())
.authorizeRequests().
requestMatchers("/category/add")
.authenticated()
.requestMatchers("/authenticate","/register").permitAll()
.anyRequest()
.authenticated()
.and().exceptionHandling(ex -> ex.authenticationEntryPoint(point))
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
http.addFilterBefore(filter, UsernamePasswordAuthenticationFilter.class);
return http.build();
}
@Bean
public AuthenticationManager authenticationManager() throws Exception {
return new CustomAuthenticationManager();
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userDetailsService);
authenticationProvider.setPasswordEncoder(encoder);
return authenticationProvider;
}
}
CustomAuthentcationManager :
public class CustomAuthenticationManager implements AuthenticationManager {
@Autowired
private DaoAuthenticationProvider authenticationProvider;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
return authenticationProvider.authenticate(authentication);
}
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论