针对不同端点的多个用户详细信息服务 [英] Multiple user details services for different endpoints
问题描述
我正在使用Spring构建REST API,目前正在使用自定义用户详细信息服务和以下配置代码对我的所有请求进行身份验证:
I am building a REST API using Spring and am currently authenticating all my requests using a custom user details service and this configuration code:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().httpBasic();
}
我还设置了DaoAuthenticationProvider
以使用我的用户详细信息服务,并使用它来配置全局安全性.
I am also setting up a DaoAuthenticationProvider
to use the my user details service and using that to configure global security.
现在,我想提供一个端点(尽管仍通过HTTP基本身份验证进行保护),该端点使用其他用户详细信息服务来检查是否允许用户访问给定资源.
Now, I want to provide an endpoint that (while still secured with HTTP basic authentication) uses a different user details service to check whether the user is allowed to access the given resource.
如何为不同的端点使用两个不同的用户详细信息服务?
How do I use two different user details services for different endpoints?
推荐答案
您可以做的一件事情是拥有两个WebSecurityConfigurerAdapter
:
One thing you can do is have two WebSecurityConfigurerAdapter
s:
@EnableWebSecurity
@Order(Ordered.HIGHEST_PRECEDENCE)
class FirstEndpointConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) {
http
.requestMatchers()
.antMatchers("/specialendpoint")
.and()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.userDetailsService(/* first of your userDetailsServices */);
}
}
@Configuration
class SecondEndpointConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) {
http // all other requests handled here
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.userDetailsService(/* second of your userDetailsServices */);
}
}
requestMatchers()
用于将springSecurityFilterChain
定位到特定端点.
requestMatchers()
exists for targeting springSecurityFilterChain
s to specific endpoints.
这篇关于针对不同端点的多个用户详细信息服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!