我正在尝试在注册及其工作过程中对密码进行加密,当我发布注册时将其保存在db中,并将密码加密。 但是其他api会被拒绝访问,例如,当我尝试登录或让所有用户访问时,它会禁止我403“拒绝访问”我的代码有什么错误?
这是我的安全等级
package com.user.user.config.security;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{
private final UserDetailsService userDetailsService;
private final BCryptPasswordEncoder bCryptPasswordEncoder;
public static final String SIGN_UP_URL = "/registration";
public WebSecurityConfig(UserDetailsService userDetailsService,
BCryptPasswordEncoder bCryptPasswordEncoder) {
this.userDetailsService = userDetailsService;
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers
(HttpMethod.POST,
SIGN_UP_URL).permitAll().anyRequest().authenticated();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws
Exception {
auth.userDetailsService(userDetailsService)
.passwordEncoder(bCryptPasswordEncoder);
}
}
这是类服务中的方法
public List<Users> getAllUsers() {
List<Users> users = new ArrayList<>();
userRepository.findAll()
.forEach(users::add);
return users;
}
public void registration(Users users) {
//
users.setPassword(bCryptPasswordEncoder
.encode(users.getPassword()));
users.setPassword(bCryptPasswordEncoder
.encode(users.getPassword()));
userRepository.save(users);
}
我在主类中添加了此方法
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
我该怎么做才能解决我的问题?
答案 0 :(得分:0)
在我编辑此功能时可以使用
import requests,threading,queue,time
s1=time.time()
def a(i):
print(i)
b=requests.get('http://www.baidu.com').text
tl=[]
for j in range(100):
t=threading.Thread(target=a,args=(j,))
t.start()
tl.append(t)
for k in tl:
k.join()
print(time.time()-s1)
但是大张旗鼓不起作用我应该添加些什么才能使其起作用?
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers( "/registration","/users","/login")
.permitAll().anyRequest().authenticated();
}