最小化可运行配置

package com.terwergreen.bugucms.config;

import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.context.annotation.Bean;

import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;

import org.springframework.security.config.web.server.ServerHttpSecurity;

import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;

import org.springframework.security.core.userdetails.ReactiveUserDetailsService;

import org.springframework.security.core.userdetails.User;

import org.springframework.security.core.userdetails.UserDetails;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.web.server.SecurityWebFilterChain;

import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;

import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;

import java.net.URI;

/**

 * @Author Terwer

 * @Date 2018/6/22 15:55

 * @Version 1.0

 * @Description 安全授权配置

 **/

@EnableWebFluxSecurity

public class SecurityConfig {

    private Log logger = LogFactory.getLog(this.getClass());

    @Autowired

    PasswordEncoder passwordEncoder;

    @Bean

    public PasswordEncoder passwordEncoder() {

        return new BCryptPasswordEncoder();

    }

    @Bean

    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {

        logger.info("WebFlux Security begin");

        return http

                .authorizeExchange()

                .pathMatchers("/admin/**")

                .authenticated()

                .pathMatchers("/**")

                .permitAll()

                .and()

                .csrf()

                //.csrfTokenRepository(customCsrfTokenRepository)

                //.requireCsrfProtectionMatcher(customCsrfMatcher)

                .and()

                .formLogin()

                //.loginPage("/login")

                //.authenticationFailureHandler(new RedirectServerAuthenticationFailureHandler("/login?error"))

                //.authenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler("/admin"))

                .and()

                .logout()

                //.logoutUrl("/logout")

                .logoutSuccessHandler(logoutSuccessHandler("/login?logout"))

                .and()

                .build();

    }

    public ServerLogoutSuccessHandler logoutSuccessHandler(String uri) {

        RedirectServerLogoutSuccessHandler successHandler = new RedirectServerLogoutSuccessHandler();

        successHandler.setLogoutSuccessUrl(URI.create(uri));

        return successHandler;

    }

    @Bean

    public ReactiveUserDetailsService userDetailsService() {

        //内存中缓存权限数据

        User.UserBuilder userBuilder = User.builder();

        UserDetails admin = userBuilder.username("admin").password(passwordEncoder.encode("123456")).roles("USER", "ADMIN").build();

        // 输出加密密码

        String encodePassword = passwordEncoder.encode("123456");

        logger.info("encodePassword:" + encodePassword);

        return new MapReactiveUserDetailsService(admin);

    }

}

参考

https://www.sudoinit5.com/post/spring-reactive-auth-forms/

WebFlux Spring Security配置的更多相关文章

  1. spring boot 之 spring security 配置

    Spring Security简介 之前项目都是用shiro,但是时过境迁,spring security变得越来越流行.spring security的前身是Acegi, acegi 我也玩过,那都 ...

  2. spring security 配置多个AuthenticationProvider

    前言 发现很少关于spring security的文章,基本都是入门级的,配个UserServiceDetails或者配个路由控制就完事了,而且很多还是xml配置,国内通病...so,本文里的配置都是 ...

  3. Spring学习日志之Spring Security配置

    依赖引入 <dependency> <groupId>org.springframework.security</groupId> <artifactId&g ...

  4. Spring Security配置

    更加优雅地配置Spring Securiy(使用Java配置和注解):https://www.cnblogs.com/xxzhuang/p/5960001.html 采用注解方式实现security: ...

  5. Spring Security配置个过滤器也这么卷

    以前胖哥带大家用Spring Security过滤器实现了验证码认证,今天我们来改良一下验证码认证的配置方式,更符合Spring Security的设计风格,也更加内卷. CaptchaAuthent ...

  6. spring mvc 和spring security配置 web.xml设置

    <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://xmln ...

  7. 通过 Spring Security配置 解决X-Frame-Options deny 造成的页面空白 iframe调用问题

    spring Security下,X-Frame-Options默认为DENY,非Spring Security环境下,X-Frame-Options的默认大多也是DENY,这种情况下,浏览器拒绝当前 ...

  8. spring mvc 和spring security配置 spring-servlet.xml和spring-security.xml设置

    spring-servlet.xml配置 <?xml version="1.0" encoding="UTF-8"?> <beans xmln ...

  9. 最简单的Spring Security配置示例

    代码结构: pom.xml <?xml version="1.0" encoding="UTF-8"?> <project xmlns=&qu ...

随机推荐

  1. SpringMVC -- 梗概--源码--贰--异常管理

    附:实体类 Class : User package com.c61.entity; import java.text.SimpleDateFormat; import java.util.Date; ...

  2. 【Ceisum】Max转GLTF

    参考资料:https://blog.csdn.net/u011394175/article/details/78919281 1.在3DsMax中加入COLLADA插件:COLLADA-MAX-PC_ ...

  3. 【Android】录音暂停和继续

    https://www.2cto.com/kf/201410/347839.html http://blog.csdn.net/wanli_smile/article/details/7715030 ...

  4. 虚拟机中多个Linux系统之间配置免秘钥访问

    1.三个节点cdh1,cdh2,cdh3 2.在每个机器上分别生产公钥对 ssh-keygen -t rsa 3.复制公钥 cd .ssh cat  id_rsa.pub  >> auth ...

  5. java.util.concurrent.RejectedExecutionException 线程池饱和

    java.util.concurrent.RejectedExecutionException at java.util.concurrent.ThreadPoolExecutor$AbortPoli ...

  6. iOS - 白名单应用间相互跳转

    1. 应用间相互跳转简介 在iOS开发的过程中,我们经常会遇到需要从一个应用程序A跳转到另一个应用程序B的场景.这就需要我们掌握iOS应用程序之间的相互跳转知识. 下面来看看我们在开发过程中遇到的应用 ...

  7. Shell find命令详解

    查找文件find ./ -type f 查找目录find ./ -type d 查找名字为test的文件或目录find ./ -name test 查找名字符合正则表达式的文件,注意前面的‘.*’(查 ...

  8. jQuery属性操作(一)

    下载了jQuery的UI组件,发现内容还挺多的,还是决定先把jQuery的源码看完一遍之后再涉足UI组件.考虑到队列和动画使用较少,特别是动画,基本开始使用css3完成.因此暂时略过,开始看jQuer ...

  9. [Offer收割]编程练习赛13 B.最大子矩阵[枚举]

    #1502 : 最大子矩阵 时间限制:10000ms 单点时限:1000ms 内存限制:256MB 描述 给定一个NxM的矩阵A和一个整数K,小Hi希望你能求出其中最大(元素数目最多)的子矩阵,并且该 ...

  10. XmlSerializer的GenerateTempAssembly性能问题例外

    XmlSerializer的两个构造函数不会出现每次构造都创建TempAssembly的性能问题,其内部做了缓存. public XmlSerializer(Type type) public Xml ...