我想使用spring安全性进行认证和授权。 我正在使用ultima主题。 我尝试了这段代码,但对我不起作用(它在Spring Boot中有效)。
@Configuration @EnableWebSecurity public class SecurityConfig extends
WebSecurityConfigurerAdapter { @Autowired private
UserSecurityService userSecurityService;
private BCryptPasswordEncoder passwordEncoder() { return
> SecurityUtility.passwordEncoder(); }
private static final String[] PUBLIC_MATCHERS = {
"/css/**",
"/WEB_INF/**",
"/js/**",
"/img/**",
"/font/**",
"/login",
"/signup",
"/login.xhtml",
"/fonts/",
"/javax.faces/login.xhtml",
"/javax.faces/resources/**",
"/javax.faces/WEB_INF/**"
};
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests().
/* antMatchers("/**").*/
antMatchers(PUBLIC_MATCHERS).
permitAll().anyRequest().authenticated();
http
.csrf().disable().cors().disable()
.formLogin().loginPage("/login.xhtml").permitAll()/*.defaultSuccessUrl("/")*/
.failureUrl("/login?error")
.and()
.rememberMe();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userSecurityService).passwordEncoder(passwordEncoder());
auth.inMemoryAuthentication().withUser("admin").password("admin")
.roles("ADMIN");
}
}
我的结构文件是: src-> main-> webapp,java
我没有pom.xml文件,我在netbeans中使用Java WebApplication 并通过限制互联网手动添加库。