如何更改端点地址以生成JWT令牌

时间:2017-10-27 11:01:13

标签: java spring-boot spring-security authorization jwt

默认情况下,spring boot web security使用/login端点登录并生成令牌。但是,我需要/user/login端点来做到这一点。我的WebSecurityConfig看起来像这样:

protected void configure(HttpSecurity http) throws Exception {
    http.cors().and().csrf().disable().authorizeRequests()
            .antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
            .anyRequest().authenticated()
            .and()
            .addFilter(new JWTAuthenticationFilter(authenticationManager()))
            .addFilter(new JWTAuthorizationFilter(authenticationManager()))
            // this disables session creation on Spring Security
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}

我想知道如何更改端点地址以生成JWT令牌?提前谢谢!

2 个答案:

答案 0 :(得分:0)

您可以像这样更改.loginPage()参数; 

@Override
protected void configure(HttpSecurity http) throws Exception {

    http.csrf().disable()
            .authorizeRequests()
            .antMatchers("/", "/home", "/about").permitAll()
            .antMatchers("/admin/**").hasAnyRole("ADMIN")
            .antMatchers("/user/**").hasAnyRole("USER")
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage("/user/login")
            .permitAll()
            .and()
            .logout()
            .permitAll()
            .and()
            .exceptionHandling().accessDeniedHandler(accessDeniedHandler);
}

答案 1 :(得分:0)

我做了一点调查,这是不可能的,因为生成令牌我使用自己的过滤器(JWTAuthenticationFilter)。该过滤器从UsernamePasswordAuthenticationFilter扩展,构造函数中有一个硬编码端点:

public UsernamePasswordAuthenticationFilter() {
  super(new AntPathRequestMatcher("/login", "POST"));
}
相关问题
最新问题