SSM中使用Spring Security强制通道的安全性,将http强制跳转为https

SSM中使用Spring Security强制通道的安全性

• 在maven工程中pom.xml文件中引入相关依赖。

    <!-- 第八部分：spring security依赖 -->
    <!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-core -->
    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-core</artifactId>
      <version>5.1.5.RELEASE</version>
    </dependency><!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-config -->
    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-config</artifactId>
      <version>5.1.5.RELEASE</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-web -->
    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-web</artifactId>
      <version>5.1.5.RELEASE</version>
    </dependency>

• 编写配置类SecurityConfig和SecurityWebInitializer

• SecurityWebInitializer

package com.HW_CloudComputer.webconfig.securityconfig;

import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;

public class SecurityWebInitializer extends AbstractSecurityWebApplicationInitializer {
}

• SecurityConfig

package com.HW_CloudComputer.webconfig.securityconfig;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception{
        //将对应请求路径的请求由http跳转为https
       http.requiresChannel()
               .antMatchers("/realtime").requiresSecure();

    }
}