(window.webpackJsonp=window.webpackJsonp||[]).push([[621],{1052:function(e,t,r){"use strict";r.r(t);var i=r(56),a=Object(i.a)({},(function(){var e=this,t=e.$createElement,r=e._self._c||t;return r("ContentSlotsDistributor",{attrs:{"slot-key":e.$parent.slotKey}},[r("h1",{attrs:{id:"你好-spring-安全"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#你好-spring-安全"}},[e._v("#")]),e._v(" 你好 Spring 安全")]),e._v(" "),r("p",[e._v("本节介绍了如何在 Spring 引导中使用 Spring 安全性的最小设置。")]),e._v(" "),r("table",[r("thead",[r("tr",[r("th"),e._v(" "),r("th",[e._v("可以找到已完成的应用程序"),r("a",{attrs:{href:"https://github.com/spring-projects/spring-security-samples/tree/5.6.x/servlet/spring-boot/java/hello-security",target:"_blank",rel:"noopener noreferrer"}},[e._v("在我们的样品库中"),r("OutboundLink")],1),e._v("。"),r("br"),e._v("为了你的方便，你可以通过"),r("a",{attrs:{href:"https://start.spring.io/starter.zip?type=maven-project&language=java&packaging=jar&jvmVersion=1.8&groupId=example&artifactId=hello-security&name=hello-security&description=Hello%20Security&packageName=example.hello-security&dependencies=web,security",target:"_blank",rel:"noopener noreferrer"}},[e._v("点击这里"),r("OutboundLink")],1),e._v("下载一个最小的 Spring 引导+ Spring 安全应用程序。")])])]),e._v(" "),r("tbody")]),e._v(" "),r("h2",{attrs:{id:"更新依赖项"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#更新依赖项"}},[e._v("#")]),e._v(" 更新依赖项")]),e._v(" "),r("p",[e._v("你需要做的唯一一步是通过使用"),r("RouterLink",{attrs:{to:"/getting-spring-security.html#getting-maven-boot"}},[e._v("Maven")]),e._v("或"),r("RouterLink",{attrs:{to:"/getting-spring-security.html#getting-gradle-boot"}},[e._v("Gradle")]),e._v("更新依赖关系。")],1),e._v(" "),r("h2",{attrs:{id:"启动hello-spring-安全启动"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#启动hello-spring-安全启动"}},[e._v("#")]),e._v(" 启动Hello Spring 安全启动")]),e._v(" "),r("p",[e._v("现在，你可以通过使用 Maven 插件的"),r("code",[e._v("run")]),e._v("目标"),r("a",{attrs:{href:"https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#using-boot-running-with-the-maven-plugin",target:"_blank",rel:"noopener noreferrer"}},[e._v("run the Spring Boot application"),r("OutboundLink")],1),e._v("。下面的示例展示了如何这样做（以及这样做产生的输出的开始）：")]),e._v(" "),r("p",[e._v("例1.运行 Spring 启动应用程序")]),e._v(" "),r("div",{staticClass:"language- extra-class"},[r("pre",{pre:!0,attrs:{class:"language-text"}},[r("code",[e._v("$ ./mvn spring-boot:run\n...\nINFO 23689 --- [  restartedMain] .s.s.UserDetailsServiceAutoConfiguration :\n\nUsing generated security password: 8e557245-73e2-4286-969a-ff57fe326336\n\n...\n")])])]),r("h2",{attrs:{id:"spring-引导自动配置"}},[r("a",{staticClass:"header-anchor",attrs:{href:"#spring-引导自动配置"}},[e._v("#")]),e._v(" Spring 引导自动配置")]),e._v(" "),r("p",[e._v("Spring 自动启动：")]),e._v(" "),r("ul",[r("li",[r("p",[e._v("启用 Spring Security的默认配置，该配置将创建 Servlet "),r("code",[e._v("Filter")]),e._v("作为名为"),r("code",[e._v("springSecurityFilterChain")]),e._v("的 Bean。此 Bean 负责应用程序内的所有安全性（保护应用程序的URL、验证提交的用户名和密码、重定向到表单中的日志，等等）。")])]),e._v(" "),r("li",[r("p",[e._v("创建一个"),r("code",[e._v("UserDetailsService")]),e._v(" Bean，其用户名为"),r("code",[e._v("user")]),e._v("，并随机生成一个登录到控制台的密码。")])]),e._v(" "),r("li",[r("p",[e._v("对于每个请求，用名为"),r("code",[e._v("springSecurityFilterChain")]),e._v("的 Bean 容器注册"),r("code",[e._v("Filter")]),e._v("。")])])]),e._v(" "),r("p",[e._v("Spring Boot的配置不是很多，但它做了很多。以下是这些特征的摘要：")]),e._v(" "),r("ul",[r("li",[r("p",[e._v("与应用程序的任何交互都需要经过身份验证的用户。")])]),e._v(" "),r("li",[r("p",[e._v("为你生成默认的登录表单")])]),e._v(" "),r("li",[r("p",[e._v("让用户名为"),r("code",[e._v("user")]),e._v("且密码已登录到控制台的用户使用基于表单的身份验证进行身份验证（在前面的示例中，密码为"),r("code",[e._v("8e557245-73e2-4286-969a-ff57fe326336")]),e._v("）")])]),e._v(" "),r("li",[r("p",[e._v("使用bcrypt保护密码存储")])]),e._v(" "),r("li",[r("p",[e._v("让用户注销")])]),e._v(" "),r("li",[r("p",[r("a",{attrs:{href:"https://en.wikipedia.org/wiki/Cross-site_request_forgery",target:"_blank",rel:"noopener noreferrer"}},[e._v("CSRF攻击"),r("OutboundLink")],1),e._v("预防")])]),e._v(" "),r("li",[r("p",[r("a",{attrs:{href:"https://en.wikipedia.org/wiki/Session_fixation",target:"_blank",rel:"noopener noreferrer"}},[e._v("Session Fixation"),r("OutboundLink")],1),e._v("保护")])]),e._v(" "),r("li",[r("p",[e._v("安全报头集成")]),e._v(" "),r("ul",[r("li",[r("p",[r("a",{attrs:{href:"https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security",target:"_blank",rel:"noopener noreferrer"}},[e._v("HTTP严格的传输安全"),r("OutboundLink")],1),e._v("用于安全请求")])]),e._v(" "),r("li",[r("p",[e._v("[X-Content-Type-Options](https://msdn.microsoft.com/en-us/library/ie/gg622941(v=vs.85).ASPX）积分")])]),e._v(" "),r("li",[r("p",[e._v("缓存控制（可以稍后由应用程序重写，以允许缓存静态资源）")])]),e._v(" "),r("li",[r("p",[e._v("[X-XSS-保护](https://msdn.microsoft.com/en-us/library/dd565647(v=vs.85).ASPX）积分")])]),e._v(" "),r("li",[r("p",[e._v("x-frame-options集成，帮助防止"),r("a",{attrs:{href:"https://en.wikipedia.org/wiki/Clickjacking",target:"_blank",rel:"noopener noreferrer"}},[e._v("点击劫持"),r("OutboundLink")],1)])])])]),e._v(" "),r("li",[r("p",[e._v("与以下 Servlet API方法集成：")]),e._v(" "),r("ul",[r("li",[r("p",[e._v("["),r("code",[e._v("HttpServletRequest#getRemoteUser()")]),e._v("]（https://DOCS.oracle.com/javaee/6/api/javax/ Servlet/http/httpservletrequest.html#getremoteuser（））")])]),e._v(" "),r("li",[r("p",[e._v("["),r("code",[e._v("HttpServletRequest.html#getUserPrincipal()")]),e._v("]（https://DOCS.oracle.com/javaee/6/api/javax/ Servlet/http/httpservletrequest.html#getUserprincipal（））")])]),e._v(" "),r("li",[r("p",[e._v("["),r("code",[e._v("HttpServletRequest.html#isUserInRole(java.lang.String)")]),e._v("]（https://DOCS.oracle.com/javaee/6/api/javax/ Servlet/http/httpservletrequest.html#isuserinrole（ Java.lang.string））")])]),e._v(" "),r("li",[r("p",[e._v("["),r("code",[e._v("HttpServletRequest.html#login(java.lang.String, java.lang.String)")]),e._v("]（https://DOCS.oracle.com/javaee/6/api/javax/ Servlet/http/httpservletrequest.html#login（ Java.lang.string，%20java.lang.string））")])]),e._v(" "),r("li",[r("p",[e._v("["),r("code",[e._v("HttpServletRequest.html#logout()")]),e._v("]（https://DOCS.oracle.com/javaee/6/api/javax/ Servlet/http/httpservletrequest.html#logout（））")])])])])]),e._v(" "),r("p",[r("RouterLink",{attrs:{to:"/spring-security/index.html"}},[e._v("Servlet Applications")]),r("RouterLink",{attrs:{to:"/spring-security/architecture.html"}},[e._v("建筑")])],1)])}),[],!1,null,null,null);t.default=a.exports}}]);