Spring Security
文章平均质量分 93
jxxchallenger
不是看到希望才努力,而是努力了才能看到希望。
展开
-
Spring Security 4.x 启用CSRF防御后logout只能是POST请求
学习Spring Security时碰到这个问题 官方原文: 18.5.3 Logging Out Adding CSRF will update the LogoutFilter to only use HTTP POST. This ensures that log out requires a CSRF token and that a ma原创 2017-02-28 20:27:21 · 4210 阅读 · 1 评论 -
Spring Security 自定义登陆页面报HTTP Status 403 - Invalid CSRF Token 'null' was found on the request paramet
在表单中添加隐藏域 Spring Security默认启用CSRF 防御 官方原文: When should you use CSRF protection? Our recommendation is to use CSRF protection for any request that could be processed by a browser by原创 2017-02-28 20:19:05 · 8382 阅读 · 1 评论 -
Spring Security 4.x 启用BCrypt加密
10.3 Password Encoding Spring Security’s PasswordEncoder interface is used to support the use of passwords which are encoded in some way in persistent storage. You should never store passwo原创 2017-02-28 20:32:07 · 2711 阅读 · 0 评论 -
Spring Security 角色继承
1、创建RoleHierarchy /** * 角色继承关系 * @return */ @Bean(name = "roleHierarchy") public RoleHierarchy getRoleHierarchyImpl() { RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); roleHi...原创 2019-01-12 15:55:04 · 541 阅读 · 0 评论 -
thymeleaf获取spring security当前用户信息
#当前用户名 ${#authentication.name} #当前用户的xxx属性 ${#authentication.principal.xxx}原创 2019-01-19 14:40:57 · 8369 阅读 · 8 评论 -
spring security 配置相关
org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration原创 2019-01-19 17:46:37 · 176 阅读 · 1 评论