【发布时间】:2021-06-22 21:51:42
【问题描述】:
我正在研究 Webflux 的 Spring 安全性。当我尝试设置从 org.springframework.security.config.Customizer.withDefaults 导入的 withDefaults() 时,它会抛出错误
该类型的方法 httpBasic(withDefaults()) 未定义 ServerHttpSecurity.AuthorizeExchangeSpec
。这是我到目前为止构建的代码。我正在尝试从 Spring Security 示例构建此类。任何帮助将不胜感激。
import static org.springframework.security.config.Customizer.withDefaults;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter;
@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
public class SecurityConfig {
@Bean
public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User.withDefaultPasswordEncoder()
.username("user")
.password("password")
.roles("USER")
.build();
UserDetails admin = User.withDefaultPasswordEncoder()
.username("admin")
.password("password")
.roles("USER","ADMIN")
.build();
return new MapReactiveUserDetailsService(user, admin);
}
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.headers()
.frameOptions().mode(XFrameOptionsServerHttpHeadersWriter.Mode.SAMEORIGIN);
http
.authorizeExchange()
.anyExchange().authenticated()
.httpBasic(withDefaults())
.formLogin();
return http.build();
}
}
【问题讨论】:
标签: java spring-boot spring-security spring-webflux