我正在构建一个应用程序,其中将有两个不同的客户端。
这两个用户集合及其角色都存储在数据库中。 user_1应该具有与user_2不同的入口点。在我使用它仅登录user_1之前,这段代码一直运行良好,但是在互联网上搜索了多个配置后,这就是我能做的全部。现在,此配置仅适用于配置1,不适用于第二部分
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig {
@Bean
public UserDetailsService user_1_detailService() {
return new CustomUser1DetailService();
}
@Bean
public UserDetailsService user_2_detailService() {
return new CustomUser2DetailService();
}
@Configuration
@Order(1)
public class Two extends WebSecurityConfigurerAdapter{
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
UserDetailsService user_1= user_1_detailService();
auth.userDetailsService(user_1);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests().antMatchers("**/url_1/**").authenticated();
}
}
@Configuration
@Order(2)
public class One extends WebSecurityConfigurerAdapter{
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
UserDetailsService user_2 = user_2_detailService();
auth.userDetailsService(user_2 );
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests().antMatchers("**/url_2/**");
}
}
}