Spring中@EnableWebSecurity有什么用? [英] What is the use of @EnableWebSecurity in Spring?
问题描述
根据 Spring 文档:
<块引用>将此注解添加到 @Configuration
类以具有 Spring任何 WebSecurityConfigurer
或更多中定义的安全配置可能通过扩展 WebSecurityConfigurerAdapter
基类和覆盖单个方法:
或者正如这个 @EnableWebSecurity
描述的,用于在我们的项目中启用 SpringSecurity.
但我的问题是,即使我没有用 @EnableWebSecurity
注释我的任何类,应用程序仍然会提示输入用户名和密码.(默认行为)
所以我在 @EnableWebSecurity
和没有 @EnableWebSecurity
的情况下收到相同的行为.
谁能解释一下这个注解到底是干什么的?
@EnableWebSecurity
是一个标记注解.它允许 Spring 查找(它是一个 @Configuration
,因此是 @Component
)并自动将该类应用到全局 WebSecurity
.><块引用>
如果我没有用 @EnableWebSecurity
注释我的任何类,应用程序仍然会提示输入用户名和密码.
是的,这是默认行为.如果您查看您的类路径,您会发现其他标有该注释的类(取决于您的依赖项):
SpringBootWebSecurityConfiguration
;FallbackWebSecurityAutoConfiguration
;WebMvcSecurityConfiguration
.
仔细考虑它们,关闭所需的配置,或覆盖其行为.
As per the Spring documantation:
Add this annotation to an
@Configuration
class to have the Spring Security configuration defined in anyWebSecurityConfigurer
or more likely by extending theWebSecurityConfigurerAdapter
base class and overriding individual methods:
Or As this @EnableWebSecurity
depicts, is used to enable SpringSecurity in our project.
But my question is that even if I don't annotate any of my class with @EnableWebSecurity
still the application prompting for username and password.(default behaviour)
So I am receiving the same behaviour with @EnableWebSecurity
and without @EnableWebSecurity
.
Can someone please explain what exactly is this annotation for?
The @EnableWebSecurity
is a marker annotation. It allows Spring to find (it's a @Configuration
and, therefore, @Component
) and automatically apply the class to the global WebSecurity
.
If I don't annotate any of my class with
@EnableWebSecurity
still the application prompting for username and password.
Yes, it is the default behavior. If you looked at your classpath, you could find other classes marked with that annotation (depends on your dependencies):
SpringBootWebSecurityConfiguration
;FallbackWebSecurityAutoConfiguration
;WebMvcSecurityConfiguration
.
Consider them carefully, turn the needed configuration off, or override its behavior.
这篇关于Spring中@EnableWebSecurity有什么用?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!