将 Spring Security 5 迁移到 Spring Security 6 HttpSecurity 问题

问题描述 投票:0回答:1

Spring Security 6 中以下代码的替代方案应该是什么?

 http
     .authorizeRequests()
         .requestMatchers("/hub/**").access("hasPermission('SOME_LAYER', '')")
         .and()
     .exceptionHandling()
         .accessDeniedHandler(accessDeniedHandlerClass)
         .and() 
     .authorizeRequests()
         .anyRequest().authenticated()
         .and()
     .sessionManagement()
         .sessionCreationPolicy(SessionCreationPolicy.NEVER);
java spring-security
1个回答
0
投票

在 Spring Security 6 中替代代码如下

        @Bean
        SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
            return  http
                    .authorizeHttpRequests(c->c.requestMatchers("/hub/**").access(new WebExpressionAuthorizationManager("hasPermission('SOME_LAYER', '')")).anyRequest().permitAll())
                    .exceptionHandling(c->c.accessDeniedHandler(accessDeniedHandlerClass))
                    .sessionManagement(c->c.sessionCreationPolicy(SessionCreationPolicy.NEVER))
                    .build();
        }
© www.soinside.com 2019 - 2024. All rights reserved.