Question

我有一个问题。为什么弹簧安全仅适用于弹簧靴？我有以下配置：

AbstractSecurityWebApplicationInitializer

public class SecurityWebInitializer extends AbstractSecurityWebApplicationInitializer {
    }

WebSecurityConfigurerAdapter

    @Configuration
    @EnableWebSecurity
    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Autowired
        public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        ...
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            CharacterEncodingFilter filter = new CharacterEncodingFilter();
            filter.setEncoding("UTF-8");
            filter.setForceEncoding(true);
            http.addFilterBefore(filter,CsrfFilter.class);
            ...
    }

我尝试过这只是添加spring安全依赖项，例如：

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-core</artifactId>
    <version>5.0.3.RELEASE</version>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>5.0.3.RELEASE</version>
</dependency>

但它不起作用，但是当我添加

时

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <version>1.5.2.RELEASE</version>
        </dependency>

它开始工作了。为什么弹簧安全仅适用于弹簧靴？

Answer 1

Spring安全性也可以在没有spring boot的情况下运行。使用下面的依赖项它将起作用。

    <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>4.1.3.RELEASE</version>
        </dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
    <version>${spring.ver}</version>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>4.1.3.RELEASE</version>
</dependency>

Answer 2

Spring安全性与Spring Boot无关。它是spring的模块之一，用于处理与安全相关的功能。

有多种实现Spring安全性的方法

通过maven：-通过以下配置更新pom.xml

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-core</artifactId>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-ldap</artifactId>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-taglibs</artifactId>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
</dependency>

通过Gradle：-通过添加以下配置build.gradle

compile "org.springframework.security:spring-security-core:$springSecurityVersion"

    compile "org.springframework.security:spring-security-web:$springSecurityVersion"

    compile "org.springframework.security:spring-security-ldap:$springSecurityVersion"

    compile "org.springframework.security:spring-security-taglibs:$springSecurityVersion"

    compile "org.springframework.security:spring-security-acl:$springSecurityVersion"

    compile "org.springframework.security:spring-security-config:$springSecurityVersion"

通过在项目构建路径中添加spring security jar文件。

弹簧安全和弹簧启动

2 个答案: