@Configuration @ConditionalOnBean(value=AbstractSecurityConfig.class) @ConditionalOnClass(value={org.springframework.security.authentication.DefaultAuthenticationEventPublisher.class,org.springframework.security.config.annotation.web.configuration.EnableWebSecurity.class,org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class}) @ConditionalOnProperty(prefix="yishuifengxiao.security", name="enable", havingValue="true", matchIfMissing=true) public class SecurityAuthorizeProviderAutoConfiguration extends Object
| Constructor and Description |
|---|
SecurityAuthorizeProviderAutoConfiguration() |
| Modifier and Type | Method and Description |
|---|---|
AuthorizeProvider |
corsAuthorizeProvider()
跨域处理授权提供器
|
AuthorizeProvider |
csrfAuthorizeProvider()
CSRF处理授权提供器
|
CustomResourceProvider |
customAuthority()
注入一个名为 customAuthority 授权行为实体
|
AuthorizeProvider |
customAuthorizeProvider(CustomResourceProvider customAuthority)
自定义授权提供器
|
AuthorizeProvider |
exceptionAuthorizeProvider(org.springframework.security.web.AuthenticationEntryPoint exceptionAuthenticationEntryPoint,
org.springframework.security.web.access.AccessDeniedHandler customAccessDeniedHandler)
异常处理授权提供器
|
AuthorizeProvider |
formLoginProvider(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler,
org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)
表单登陆授权管理
|
AuthorizeProvider |
httpBasicAuthorizeProvider(org.springframework.security.web.AuthenticationEntryPoint exceptionAuthenticationEntryPoint)
Basic登陆授权提供器
|
AuthorizeProvider |
interceptAllProvider()
拦截所有资源
|
AuthorizeProvider |
loginOutProvider(org.springframework.security.web.authentication.logout.LogoutSuccessHandler logoutSuccessHandler)
退出授权管理
|
AuthorizeProvider |
permitAllConfigProvider()
放行通过授权管理
|
AuthorizeProvider |
remeberMeProvider(org.springframework.security.web.authentication.rememberme.PersistentTokenRepository persistentTokenRepository,
org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
记住我授权管理
|
AuthorizeProvider |
sessionProvider(org.springframework.security.web.session.SessionInformationExpiredStrategy sessionInformationExpiredStrategy,
org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)
session授权管理
|
public SecurityAuthorizeProviderAutoConfiguration()
@Bean(value="customAuthority") @ConditionalOnMissingBean(name="customAuthority") public CustomResourceProvider customAuthority()
@Bean(value="customAuthorizeProvider") @ConditionalOnMissingBean(name="customAuthorizeProvider") public AuthorizeProvider customAuthorizeProvider(@Qualifier(value="customAuthority") CustomResourceProvider customAuthority)
customAuthority - 自定义授权提供器@Bean(value="formLoginProvider") @ConditionalOnMissingBean(name="formLoginProvider") public AuthorizeProvider formLoginProvider(org.springframework.security.web.authentication.AuthenticationSuccessHandler authenticationSuccessHandler, org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)
authenticationSuccessHandler - 登陆成功处理器authenticationFailureHandler - 登陆失败处理器@Bean(value="interceptAllProvider") @ConditionalOnMissingBean(name="interceptAllProvider") public AuthorizeProvider interceptAllProvider()
@Bean(value="loginOutProvider") @ConditionalOnMissingBean(name="loginOutProvider") public AuthorizeProvider loginOutProvider(org.springframework.security.web.authentication.logout.LogoutSuccessHandler logoutSuccessHandler)
logoutSuccessHandler - 退出成功管理@Bean(value="remeberMeProvider") @ConditionalOnMissingBean(name="remeberMeProvider") public AuthorizeProvider remeberMeProvider(org.springframework.security.web.authentication.rememberme.PersistentTokenRepository persistentTokenRepository, org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
persistentTokenRepository - token存储器userDetailsService - 用户认证处理器@Bean(value="sessionProvider") @ConditionalOnMissingBean(name="sessionProvider") public AuthorizeProvider sessionProvider(org.springframework.security.web.session.SessionInformationExpiredStrategy sessionInformationExpiredStrategy, org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler)
sessionInformationExpiredStrategy - session失效策略authenticationFailureHandler - 认证失败处理器@Bean(value="permitAllProvider") @ConditionalOnMissingBean(name="permitAllProvider") public AuthorizeProvider permitAllConfigProvider()
@Bean(value="httpBasicAuthorizeProvider") @ConditionalOnMissingBean(name="httpBasicAuthorizeProvider") public AuthorizeProvider httpBasicAuthorizeProvider(@Qualifier(value="exceptionAuthenticationEntryPoint") org.springframework.security.web.AuthenticationEntryPoint exceptionAuthenticationEntryPoint)
exceptionAuthenticationEntryPoint - 异常处理@Bean(value="exceptionAuthorizeProvider") @ConditionalOnMissingBean(name="exceptionAuthorizeProvider") public AuthorizeProvider exceptionAuthorizeProvider(@Qualifier(value="exceptionAuthenticationEntryPoint") org.springframework.security.web.AuthenticationEntryPoint exceptionAuthenticationEntryPoint, org.springframework.security.web.access.AccessDeniedHandler customAccessDeniedHandler)
exceptionAuthenticationEntryPoint - AuthenticationEntryPointcustomAccessDeniedHandler - 权限拒绝处理器@Bean(value="corsAuthorizeProvider") @ConditionalOnMissingBean(name="corsAuthorizeProvider") public AuthorizeProvider corsAuthorizeProvider()
@Bean(value="csrfAuthorizeProvider") @ConditionalOnMissingBean(name="csrfAuthorizeProvider") public AuthorizeProvider csrfAuthorizeProvider()
Copyright © 2021. All rights reserved.