【问题标题】:Why doesn't SimpleAuthorityMapper's mapAuthorities method doesn't work in Spring Securit?为什么 SimpleAuthorityMapper 的 map Authorities 方法在 Spring Security 中不起作用?
【发布时间】:2020-09-10 08:35:09
【问题描述】:
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

我有

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) {
    KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
    SimpleAuthorityMapper grantedAuthorityMapper = new SimpleAuthorityMapper();

如果我使用这条线

grantedAuthorityMapper.setDefaultAuthority("ROLE_ADMIN");

然后我可以访问我的 API 端点。但是,如果我使用这两行:

List<GrantedAuthority> grantedAuthorityList = AuthorityUtils.createAuthorityList("ROLE_ADMIN", "ROLE_USER");
grantedAuthorityMapper.mapAuthorities(grantedAuthorityList);

然后我无法访问我的 API 端点。

我认为mapAuthorities 方法不起作用,或者我遗漏了什么或者我做错了什么。

这是最后两行:

    keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(grantedAuthorityMapper);
    auth.authenticationProvider(keycloakAuthenticationProvider);
}

【问题讨论】:

    标签: java spring-boot spring-security keycloak


    【解决方案1】:

    可能是,你需要添加:

    @Secured({ "ROLE_USER", "ROLE_ADMIN"})
    

    到你的(控制器)类?

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2016-12-15
      • 1970-01-01
      • 2015-06-22
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2017-05-13
      相关资源
      最近更新 更多