我正在努力使用
SecurityFilterChain
来实现这一目标。任何人都可以帮助我吗?
所有 URL 的
SecurityFilterChain
导航到活动目录/Microsoft 登录。
相反,只有登录网址应该导航到那里,其他网址应该导航到应用程序。
要求:
/v1/login-management/signin
应该导航到 Active Directory/Microsoft 登录/v1/user-management/**"
应该导航到应用程序登录表单这是我到目前为止尝试做的。
@Bean
@Order(1)
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.apply(AadWebApplicationHttpSecurityConfigurer.aadWebApplication())
.and()
.authorizeHttpRequests()
.requestMatchers("/v1/login-management/signin").authenticated()
.and()
.csrf().disable();
return http.build();
}
@Bean
@Order(2)
public SecurityFilterChain filterChainOther(HttpSecurity http) throws Exception {
http
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeHttpRequests()
.requestMatchers("/v1/user-management/**").authenticated() // Always navigating to Microsoft Login
.and()
.csrf().disable();
http.authenticationProvider(customAuthenticationProvider);
http.addFilterBefore(authenticationJwtTokenFilter(),UsernamePasswordAuthenticationFilter.class);
return http.build();
}