阅读spring security文档
This commit is contained in:
asahi
@@ -683,4 +683,54 @@ TokenBasedRemeberMeService支持上述基于hash的rememberMe方法。`TokenBase
|
|||||||
|
|
||||||
为了`TokenBasedRememberMeServices`生成的token必须能被`RememberMeAuthenticationToken`正确的校验,必须相同的`key`必须能够在两者之间进行共享。
|
为了`TokenBasedRememberMeServices`生成的token必须能被`RememberMeAuthenticationToken`正确的校验,必须相同的`key`必须能够在两者之间进行共享。
|
||||||
|
|
||||||
|
默认情况下,TokenBasedRememberMeService使用`SHA-256`来对token进行编码。如果想要针对`TokenBasedRememberMeServices`进行自定义,可以发布自己的bean:
|
||||||
|
```java
|
||||||
|
@Bean
|
||||||
|
SecurityFilterChain securityFilterChain(HttpSecurity http, RememberMeServices rememberMeServices) throws Exception {
|
||||||
|
http
|
||||||
|
.authorizeHttpRequests((authorize) -> authorize
|
||||||
|
.anyRequest().authenticated()
|
||||||
|
)
|
||||||
|
.rememberMe((remember) -> remember
|
||||||
|
.rememberMeServices(rememberMeServices)
|
||||||
|
);
|
||||||
|
return http.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
RememberMeServices rememberMeServices(UserDetailsService userDetailsService) {
|
||||||
|
RememberMeTokenAlgorithm encodingAlgorithm = RememberMeTokenAlgorithm.SHA256;
|
||||||
|
TokenBasedRememberMeServices rememberMe = new TokenBasedRememberMeServices(myKey, userDetailsService, encodingAlgorithm);
|
||||||
|
// 修改编码算法
|
||||||
|
rememberMe.setMatchingAlgorithm(RememberMeTokenAlgorithm.MD5);
|
||||||
|
return rememberMe;
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
为了启用rememberMe,需要在应用上下文中包含如下bean:
|
||||||
|
```java
|
||||||
|
@Bean
|
||||||
|
RememberMeAuthenticationFilter rememberMeFilter() {
|
||||||
|
RememberMeAuthenticationFilter rememberMeFilter = new RememberMeAuthenticationFilter();
|
||||||
|
rememberMeFilter.setRememberMeServices(rememberMeServices());
|
||||||
|
rememberMeFilter.setAuthenticationManager(theAuthenticationManager);
|
||||||
|
return rememberMeFilter;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
TokenBasedRememberMeServices rememberMeServices() {
|
||||||
|
TokenBasedRememberMeServices rememberMeServices = new TokenBasedRememberMeServices();
|
||||||
|
rememberMeServices.setUserDetailsService(myUserDetailsService);
|
||||||
|
rememberMeServices.setKey("springRocks");
|
||||||
|
return rememberMeServices;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
RememberMeAuthenticationProvider rememberMeAuthenticationProvider() {
|
||||||
|
RememberMeAuthenticationProvider rememberMeAuthenticationProvider = new RememberMeAuthenticationProvider();
|
||||||
|
rememberMeAuthenticationProvider.setKey("springRocks");
|
||||||
|
return rememberMeAuthenticationProvider;
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user