我有这个过滤器:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatchers(new RequestHeaderRequestMatcher("Caller", "Rem"));
// add here a seconde filter condition for basic Auth
}
仅在头过滤器之后,我想使用相同的配置在下面的内存中创建另一个过滤器:
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(NoOpPasswordEncoder.getInstance())
.withUser("myAccount").password("MyPassword").roles("USER");
}
非常感谢。
http.httpBasic().and()
.authorizeRequests()
.requestMatchers(new AndRequestMatcher(new RequestHeaderRequestMatcher("Caller", "Rem"), new AntPathRequestMatcher("/hello/one")))
.hasRole("USER")
.and()
.authorizeRequests().anyRequest().authenticated()
.anyRequest().denyAll();
在您的方案中,将“ / hello / one”替换为“ / **”。
说明: