
Spring Webflux security configuration tutorial and source code - vinsguru

This tutorial demonstrates how to use Spring WebFlux Security to secure a reactive web application.

Suppose we have a simple application with 3 API endpoints. We need the access rules shown below.

 route: /home/admin    role: ADMIN
 route: /home/user     role: ADMIN, USER
 route: /home/any      role: ADMIN

 

First step:

I create a REST controller with the following endpoints:

@RestController
@RequestMapping("home")
public class AuthController {

    @GetMapping("user")
    public Mono<String> userHome(){
        return Mono.just("user home");
    }

    @GetMapping("admin")
    public Mono<String> adminHome(){
        return Mono.just("admin home");
    }

    @GetMapping("any")
    public Mono<String> any(){
        return Mono.just("authenticated home");
    }

}

Spring WebFlux Security configuration:

  • Create a configuration class that maps each path to the roles / permissions allowed to access it, as shown below.
  • Any other path in the application (for example: /home/any) can be accessed by anyone, as long as they are authenticated.

@EnableWebFluxSecurity
public class WebSecurityConfig {

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http.authorizeExchange()
                .pathMatchers("/home/user").hasAnyRole("USER", "ADMIN")
                .pathMatchers("/home/admin").hasRole("ADMIN")
                .anyExchange()
                .authenticated()
                .and()
                .formLogin();
        return http.build();
    }

}

@EnableReactiveMethodSecurity

If you don't like configuring path matchers and roles as above, we can keep the security configuration simple, as shown below.

@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
public class WebSecurityConfig {

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http.authorizeExchange()
                .anyExchange()
                .authenticated()
                .and()
                .formLogin();
        return http.build();
    }

}

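We can then add @PreAuthorize / @PostAuthorize annotations to the controller methods to provide similar behavior.

@GetMapping("user")
// Matches the /home/user rule above: USER or ADMIN may call this endpoint.
@PreAuthorize("hasAnyRole('USER', 'ADMIN')")
public Mono<String> userHome(){
    return Mono.just("user home");
}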

@GetMapping("admin")
@PreAuthorize("hasRole('ADMIN')")
public Mono<String> adminHome(){
    return Mono.just("admin home");
}

 

Second step: user database

I need a user database. I'm using a Map for the purpose of this demonstration.

  • We need a user name, a password and the user-specific roles to build each UserDetails object.

@Configuration
public class UserDB {

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Bean
    public Map<String, UserDetails> map(){
        return Map.of(
                "user", User.withUsername("user").password(passwordEncoder.encode("user")).roles("USER").build(),
                "admin", User.withUsername("admin").password(passwordEncoder.encode("admin")).roles("ADMIN").build(),
                "any", User.withUsername("any").password(passwordEncoder.encode("any")).authorities(Collections.emptyList()).build()
        );
    }

}

 

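As the last step, we need a ReactiveUserDetailsService implementation that returns the user details for a given user name.

import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;
import reactor.core.publisher.Mono;

@Service
public class UserDetailsServiceImpl implements ReactiveUserDetailsService {

    @Autowired
    private Map<String, UserDetails> map;

    @Override
    public Mono<UserDetails> findByUsername(String username) {
       // Mono.just(null) throws a NullPointerException for an unknown user name.
       // justOrEmpty returns an empty Mono instead, which is handled as a failed login.
       return Mono.justOrEmpty(this.map.get(username));
    }

}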

  

Start the application and try to access any of the endpoints configured above. The application will automatically redirect you to the login page.
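
The manual check above can also be automated. The following is an added example, not code from the original tutorial: a Spring Boot test that exercises the path-matcher configuration through WebTestClient and Spring Security's mock-user support. It assumes spring-boot-starter-test and spring-security-test are on the test classpath; the class name RouteAuthorizationTest and the helper expect are hypothetical.

```java
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.ApplicationContext;
import org.springframework.test.web.reactive.server.WebTestClient;

import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser;
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;

// Added example, not part of the original tutorial. Class and helper names are hypothetical.
@SpringBootTest
class RouteAuthorizationTest {
    @Autowired private ApplicationContext context;
    private WebTestClient client;

    @BeforeEach
    void setUp() {
        // Bind to the application's own filter chain so WebSecurityConfig is exercised.
        client = WebTestClient.bindToApplicationContext(context)
                .apply(springSecurity()).configureClient().build();
    }

    private void expect(WebTestClient c, String path, int status) {
        c.get().uri(path).exchange().expectStatus().isEqualTo(status);
    }

    @Test
    void anonymousIsRedirectedToLogin() {
        expect(client, "/home/any", 302);
    }

    @Test
    void rolesMapToRoutes() {
        WebTestClient user = client.mutateWith(mockUser("user").roles("USER"));
        WebTestClient admin = client.mutateWith(mockUser("admin").roles("ADMIN"));
        // Authenticated but holding no authorities, like the "any" account in UserDB.
        WebTestClient any = client.mutateWith(mockUser("any").authorities());
        expect(user, "/home/user", 200);
        expect(user, "/home/admin", 403);
        for (String path : new String[] {"/home/user", "/home/admin", "/home/any"}) {
            expect(admin, path, 200);
        }
        expect(any, "/home/any", 200);    // anyExchange().authenticated()
        expect(any, "/home/user", 403);
        expect(any, "/home/admin", 403);
    }
}
```

Run the same test after switching to the @EnableReactiveMethodSecurity variant: any endpoint that lost its annotation, or whose annotation is narrower or wider than the path rule it replaced, shows up as a failed status assertion.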

 

         

Copyright notice
This article was created by [On jdon]. Please include the original link when reposting. Thank you.
https://cdmana.com/2020/12/20201224214821031C.html
