<?xml version="1.0" encoding="UTF-8" standalone="no"?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>部分 VII. Spring Security</title><link rel="stylesheet" type="text/css" href="../docbook.css" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="home" href="../index.html" title="Netkiller Java 手札（版）" /><link rel="up" href="../index.html" title="Netkiller Java 手札（版）" /><link rel="prev" href="../data/shardingsphere.html" title="第 78 章 Apache ShardingSphere" /><link rel="next" href="security.html" title="第 79 章 Springboot 3 + Security 6" /></head><body><a xmlns="" href="//www.netkiller.cn/">Home</a> | <a xmlns="" href="//netkiller.github.io/">简体中文</a> | <a xmlns="" href="http://netkiller.sourceforge.net/">繁体中文</a> | <a xmlns="" href="/journal/index.html">杂文</a>

| <a xmlns="" href="https://github.com/netkiller">Github</a> | <a xmlns="" href="https://zhuanlan.zhihu.com/netkiller">知乎专栏</a> | <a xmlns="" href="https://www.facebook.com/bg7nyt">Facebook</a> | <a xmlns="" href="http://cn.linkedin.com/in/netkiller/">Linkedin</a> | <a xmlns="" href="https://www.youtube.com/user/bg7nyt/videos">Youtube</a> | <a xmlns="" href="//www.netkiller.cn/home/donations.html">打赏(Donations)</a> | <a xmlns="" href="//www.netkiller.cn/home/about.html">About</a><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">部分 VII. Spring Security</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="../data/shardingsphere.html">上一页</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="security.html">下一页</a></td></tr></table><hr /></div><table xmlns=""><tr><td><iframe src="//ghbtns.com/github-btn.html?user=netkiller&amp;repo=netkiller.github.io&amp;type=watch&amp;count=true&amp;size=large" height="30" width="170" frameborder="0" scrolling="0" style="width:170px; height: 30px;" allowTransparency="true"></iframe></td><td><iframe src="//ghbtns.com/github-btn.html?user=netkiller&amp;repo=netkiller.github.io&amp;type=fork&amp;count=true&amp;size=large" height="30" width="170" frameborder="0" scrolling="0" style="width:170px; height: 30px;" allowTransparency="true"></iframe></td><td><iframe src="//ghbtns.com/github-btn.html?user=netkiller&amp;type=follow&amp;count=true&amp;size=large" height="30" width="240" frameborder="0" scrolling="0" style="width:240px; height: 30px;" allowTransparency="true"></iframe></td><td></td><td><a href="https://zhuanlan.zhihu.com/netkiller"><img src="/images/logo/zhihu-card-default.svg" height="25" /></a></td><td valign="middle"><a href="https://zhuanlan.zhihu.com/netkiller">知乎专栏</a></td><td></td><td></td><td></td><td></td></tr></table><div class="part"><div class="titlepage"><div><div><h1 class="title"><a id="index"></a>部分 VII. Spring Security</h1></div></div></div><div class="toc"><p><strong>目录</strong></p><dl class="toc"><dt><span class="chapter"><a href="security.html">79. Springboot 3 + Security 6</a></span></dt><dd><dl><dt><span class="section"><a href="security.html#spring.security.user.name">79.1. Spring Security with HTTP Auth</a></span></dt><dd><dl><dt><span class="section"><a href="security.html#id1582">79.1.1. 默认配置</a></span></dt><dt><span class="section"><a href="security.html#id1583">79.1.2. 设置用户名和密码</a></span></dt><dt><span class="section"><a href="security.html#禁用 Security">79.1.3. 禁用 Security</a></span></dt><dt><span class="section"><a href="security.html#id1584">79.1.4. 设置角色</a></span></dt></dl></dd><dt><span class="section"><a href="OncePerRequestFilter.html">79.2. Springboot 3 Security + OncePerRequestFilter</a></span></dt><dd><dl><dt><span class="section"><a href="OncePerRequestFilter.html#OncePerRequestFilter">79.2.1. OncePerRequestFilter</a></span></dt><dt><span class="section"><a href="OncePerRequestFilter.html#SecurityConfiguration">79.2.2. SecurityConfiguration</a></span></dt></dl></dd><dt><span class="section"><a href="SecurityFilterChain.html">79.3. SecurityFilterChain</a></span></dt><dt><span class="section"><a href="@PreAuthorize.html">79.4. @PreAuthorize</a></span></dt><dd><dl><dt><span class="section"><a href="@PreAuthorize.html#id1585">79.4.1. hasRole</a></span></dt><dt><span class="section"><a href="@PreAuthorize.html#id1586">79.4.2. hasAnyRole</a></span></dt><dt><span class="section"><a href="@PreAuthorize.html#id1587">79.4.3. 从 HttpServletRequest 返回的 request 变量中判断角色</a></span></dt><dt><span class="section"><a href="@PreAuthorize.html#id1588">79.4.4. getAuthentication() 获得角色</a></span></dt><dt><span class="section"><a href="@PreAuthorize.html#id1589">79.4.5. UserDetailsService</a></span></dt></dl></dd><dt><span class="section"><a href="httpBasic.html">79.5. httpBasic 配置</a></span></dt><dd><dl><dt><span class="section"><a href="httpBasic.html#id1590">79.5.1. 禁止 HTTP Auth</a></span></dt></dl></dd><dt><span class="section"><a href="security.ipaddress.html">79.6. 指定 URL 限制 IP 访问</a></span></dt><dt><span class="section"><a href="securtiy.authorization.html">79.7. Authorization Bearer</a></span></dt><dt><span class="section"><a href="ch79s08.html">79.8. InvalidClaimException: The Token can't be used before</a></span></dt></dl></dd><dt><span class="chapter"><a href="SpringAuthorizationServer.html">80. Spring Authorization Server</a></span></dt><dd><dl><dt><span class="section"><a href="SpringAuthorizationServer.html#oauth2.doc">80.1. Oauth2 协议</a></span></dt><dd><dl><dt><span class="section"><a href="SpringAuthorizationServer.html#oauth.token">80.1.1. token</a></span></dt><dt><span class="section"><a href="SpringAuthorizationServer.html#grant_type">80.1.2. grant_type</a></span></dt><dt><span class="section"><a href="SpringAuthorizationServer.html#id1591">80.1.3. 授权码授权模式（Authorization Code Grant）</a></span></dt><dt><span class="section"><a href="SpringAuthorizationServer.html#id1592">80.1.4. 密码模式（Resource Owner Password Credentials Grant）</a></span></dt><dt><span class="section"><a href="SpringAuthorizationServer.html#id1593">80.1.5. 客户端凭证模式（Client Credentials Grant）</a></span></dt><dt><span class="section"><a href="SpringAuthorizationServer.html#id1594">80.1.6. 刷新 TOKEN 方式</a></span></dt></dl></dd><dt><span class="section"><a href="spring-security-oauth2-authorization-server.html">80.2. Maven 依赖</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html">80.3. Spring cloud with Oauth2</a></span></dt><dd><dl><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.authorization_code">80.3.1. authorization_code</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.password">80.3.2. Spring boot with Oauth2 - Password</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.jwt">80.3.3. Spring boot with Oauth2 jwt</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.jwt.keypair">80.3.4. Spring boot with Oauth2 jwt 非对称证书</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.ios">80.3.5. Apple iOS 访问 Oauth2</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#id1629">80.3.6. Oauth2 客户端</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.android">80.3.7. Android Oauth2 + Jwt example</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.RestTemplate">80.3.8. RestTemplate 使用 HttpClient</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth.self-sign">80.3.9. 自签名证书信任问题</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2">80.3.10. Principal</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#id1634">80.3.11. SecurityContextHolder 对象</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#id1638">80.3.12. 资源服务器配置</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#id1640">80.3.13. Client</a></span></dt><dt><span class="section"><a href="spring-cloud-starter-oauth2.html#oauth2.faq">80.3.14. Oauth2 常见问题</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="2.x/index.html">81. Spring boot with Spring security(2.x)</a></span></dt><dd><dl><dt><span class="section"><a href="2.x/index.html#spring-boot-starter-security">81.1. Spring security 静态配置例子</a></span></dt><dd><dl><dt><span class="section"><a href="2.x/index.html#id1643">81.1.1. Maven</a></span></dt><dt><span class="section"><a href="2.x/index.html#id1644">81.1.2. Reource</a></span></dt><dt><span class="section"><a href="2.x/index.html#id1645">81.1.3. Application</a></span></dt><dt><span class="section"><a href="2.x/index.html#id1646">81.1.4. WebSecurityConfigurer</a></span></dt><dt><span class="section"><a href="2.x/index.html#id1647">81.1.5. RestController</a></span></dt><dt><span class="section"><a href="2.x/index.html#id1648">81.1.6. 测试</a></span></dt></dl></dd><dt><span class="section"><a href="2.x/spring.security.mongodb.html">81.2. Spring + Security + MongoDB</a></span></dt><dd><dl><dt><span class="section"><a href="2.x/spring.security.mongodb.html#id1649">81.2.1. Account</a></span></dt><dt><span class="section"><a href="2.x/spring.security.mongodb.html#id1650">81.2.2. AccountRepository</a></span></dt><dt><span class="section"><a href="2.x/spring.security.mongodb.html#id1651">81.2.3. WebSecurityConfiguration</a></span></dt></dl></dd><dt><span class="section"><a href="2.x/WebSecurity.html">81.3. Spring Boot with Web Security(2.x)</a></span></dt><dd><dl><dt><span class="section"><a href="2.x/WebSecurity.html#EnableWebSecurity">81.3.1. EnableWebSecurity</a></span></dt><dt><span class="section"><a href="2.x/WebSecurity.html#id1652">81.3.2. Web静态资源</a></span></dt><dt><span class="section"><a href="2.x/WebSecurity.html#id1653">81.3.3. 正则匹配</a></span></dt><dt><span class="section"><a href="2.x/WebSecurity.html#id1654">81.3.4. 登陆页面，失败页面，登陆中页面</a></span></dt><dt><span class="section"><a href="2.x/WebSecurity.html#corsConfigurationSource()">81.3.5. CORS</a></span></dt><dt><span class="section"><a href="2.x/WebSecurity.html#frameOptions">81.3.6. X-Frame-Options 安全</a></span></dt></dl></dd><dt><span class="section"><a href="2.x/HttpSecurity.html">81.4. 访问控制列表（Access Control List，ACL）</a></span></dt><dd><dl><dt><span class="section"><a href="2.x/HttpSecurity.html#antMatchers">81.4.1. antMatchers</a></span></dt><dt><span class="section"><a href="2.x/HttpSecurity.html#httpBasic">81.4.2. HTTP Auth</a></span></dt><dt><span class="section"><a href="2.x/HttpSecurity.html#HttpMethod">81.4.3. Rest</a></span></dt><dt><span class="section"><a href="2.x/HttpSecurity.html#hasRole">81.4.4. hasRole</a></span></dt><dt><span class="section"><a href="2.x/HttpSecurity.html#hasAnyRole">81.4.5. hasAnyRole()</a></span></dt><dt><span class="section"><a href="2.x/HttpSecurity.html#withUser">81.4.6. withUser</a></span></dt></dl></dd></dl></dd></dl></div>

</div><script xmlns="" type="text/javascript" id="clustrmaps" src="//cdn.clustrmaps.com/map_v2.js?u=r5HG&amp;d=9mi5r_kkDC8uxG8HuY3p4-2qgeeVypAK9vMD-2P6BYM"></script><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="../data/shardingsphere.html">上一页</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="security.html">下一页</a></td></tr><tr><td width="40%" align="left" valign="top">第 78 章 Apache ShardingSphere </td><td width="20%" align="center"><a accesskey="h" href="../index.html">起始页</a></td><td width="40%" align="right" valign="top"> 第 79 章 Springboot 3 + Security 6</td></tr></table></div><script xmlns="">

(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){

(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),

m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)

})(window,document,'script','//www.google-analytics.com/analytics.js','ga');

ga('create', 'UA-11694057-1', 'auto');

ga('send', 'pageview');

</script><script xmlns="" async="async">

var _hmt = _hmt || [];

(function() {

var hm = document.createElement("script");

hm.src = "https://hm.baidu.com/hm.js?93967759a51cda79e49bf4e34d0b0f2c";

var s = document.getElementsByTagName("script")[0];

s.parentNode.insertBefore(hm, s);

})();

</script><script xmlns="" async="async">

(function(){

var bp = document.createElement('script');

var curProtocol = window.location.protocol.split(':')[0];

if (curProtocol === 'https') {

bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';

}

else {

bp.src = 'http://push.zhanzhang.baidu.com/push.js';

}

var s = document.getElementsByTagName("script")[0];

s.parentNode.insertBefore(bp, s);

})();