当使用非浏览器处理Basic HTTP Authentication
认证时,需post请求携带auth
参数即可
Basic HTTP Authentication
认证过程
1.用户访问未授权的private
2.FilterSecurityInterceptor
抛出AccessDeniedException
3.ExceptionTranslationFilter
开始作用,调用BasicAuthenticationEntryPoint
发送WWW-Authenticate
header.当客户端收到WWW-Authenticate
header,会再次需用户输入username and password
protected void configure(HttpSecurity http) {
http
// ...
.httpBasic(withDefaults());
}
参考:
https://docs.spring.io/spring-security/site/docs/5.4.5/reference/html5/#servlet-authentication-basic