2
我試圖找出如何執行以下操作使用Spring Security:允許訪問一個網址的用戶名/密碼等人從IP地址
我需要讓對某個端點的外部訪問,在/webhooks/
,但用HTTP基本用戶名/密碼保護它。在所有其他端點上,訪問必須受到限制,但某些子網除外。
這是我到目前爲止。這不起作用,因爲一切都被拒絕了。
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* Created on 27 July 2016 @ 1:49 PM
* Component for project "security"
*/
@Configuration
@EnableWebSecurity
@PropertySource("classpath:/test.properties")
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${test.webhooks.username}")
private String username;
@Value("${test.webhooks.password}")
private String password;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/webhooks/").authenticated()
.and().authorizeRequests()
.antMatchers("/**").hasIpAddress("10.0.0.0/8")
.antMatchers("/**").hasIpAddress("172.16.0.0/16")
.antMatchers("/**").hasIpAddress("192.168.1.0/24")
.antMatchers("/**").hasIpAddress("172.0.0.0/8")
.antMatchers("/**").denyAll()
;
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder
.inMemoryAuthentication()
.withUser(username).password(password).roles("WEBHOOKS_ACCESS")
;
}
}
任何幫助將是可怕的!我不確定鏈接的螞蟻匹配器在任何情況下都是正確的。