Spring Security通过内存配置的用户账号实现登录验证的实例的代码详情-代码-最代码

首页>代码>Spring Security通过内存配置的用户账号实现登录验证的实例>/inmemory/src/main/java/com/memorynotfound/spring/security/config/SecurityConfig.java

package com.memorynotfound.spring.security.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    public static final String REALM_NAME = "zuidaima.com";

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .csrf()
                .disable()
                .authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .httpBasic()
                .and()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("zuidaima")
                .password("111111").roles("USER")
                .authorities("READ_PRIVILEGES")
                .and()
                .withUser("zuidaima_admin")
                .password("111111")
                .credentialsExpired(true)
                .accountExpired(true)
                .accountLocked(true)
                .roles("MANAGER")
                .authorities("WRITE_PRIVILEGES", "READ_PRIVILEGES");
    }

}