当前位置:theitroad>Java @EnableWebSecurity 和 @EnableWebMvcSecurity 有什么区别?

Java @EnableWebSecurity 和 @EnableWebMvcSecurity 有什么区别?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/27906161/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-11 05:16:34  来源:igfitidea点击:

What is the difference between @EnableWebSecurity and @EnableWebMvcSecurity?

javaspringspring-mvcspring-security

提问by Mike R

@EnableWebSecurity

@启用网络安全

The JavaDoc documentaion:

JavaDoc 文档:

Add this annotation to an @Configurationclass to have the Spring Securityconfiguration defined in any WebSecurityConfigureror more likely by extending the WebSecurityConfigurerAdapterbase class and overriding individual methods.

通过扩展基类和覆盖单个方法,将此注释添加到@Configuration类中以Spring Security在任何WebSecurityConfigurer或更可能的情况下定义配置WebSecurityConfigurerAdapter

@EnableWebMvcSecurity

@EnableWebMvcSecurity

The JavaDoc documentaion:

JavaDoc 文档:

Add this annotation to an @Configurationclass to have the Spring Securityconfiguration integrate with Spring MVC.

将此批注添加到@Configuration类中以将Spring Security配置与Spring MVC.

  • What exactly does it mean to 'integrate with Spring MVC' ? What extra behaviors do I get?
  • I found guides& answers, which suggest that this annotation adds CSRF Tokensto Spring MVCForms, is this the only thing it adds?
  • 与 Spring MVC 集成”到底是什么意思?我会得到哪些额外的行为?
  • 我找到了guides& answers,这表明这个注释添加CSRF TokensSpring MVC表单中,这是它添加的唯一内容吗?

采纳答案by Steve

If you take a look at those classes, @EnableWebMvcSecurityactually adds the @EnableWebSecurityannotation in WebMvcSecurityConfiguration. Therefore, @EnableWebMvcSecuritydoes everything that @EnableWebSecuritydoes, and a bit more.

如果你看看那些类,@EnableWebMvcSecurity实际上@EnableWebSecurityWebMvcSecurityConfiguration. 因此,@EnableWebMvcSecurity做所有@EnableWebSecurity能做的事,甚至更多。

What more you ask?

你还问什么?

If you look at WebMvcSecurityConfiguration, you will see that it adds an AuthenticationPrincipalArgumentResolverso that you can access the authentication principal by adding an annotation to a controller method argument. i.e.:

如果您查看WebMvcSecurityConfiguration,您将看到它添加了 ,AuthenticationPrincipalArgumentResolver以便您可以通过向控制器方法参数添加注释来访问身份验证主体。IE:

public String show(@AuthenticationPrincipal CustomUser customUser) {
    // do something with CustomUser
    return "view";
}

It also integrates with Spring Web MVC to add a CSRF token to forms.

它还与 Spring Web MVC 集成以向表单添加 CSRF 令牌。

回答by Cassian

As of Spring Security 4.0, @EnableWebMvcSecurityis deprecated. The replacement is @EnableWebSecuritywhich will determine adding the Spring MVC features based upon the classpath.

To enable Spring Security integration with Spring MVC add the@EnableWebSecurityannotation to your configuration.

从 Spring Security 4.0 开始,@EnableWebMvcSecurity已弃用。替换 @EnableWebSecurity将根据类路径确定添加 Spring MVC 功能。

要启用 Spring Security 与 Spring MVC 的集成,请将注释添加@EnableWebSecurity到您的配置中。

source

来源

相关推荐

如何在 Gradle 构建中指定所需的 Java 版本

如何在 Gradle 构建中指定所需的 Java 版本

Java 来自 Spring Batch 的 JobParameters

Java 来自 Spring Batch 的 JobParameters

Java 如何模拟 void 方法以引发异常?

Java 如何模拟 void 方法以引发异常?

Java HashMap 像 ArrayList 一样放入增强的 for 循环

Java HashMap 像 ArrayList 一样放入增强的 for 循环

相关推荐
最近更新
标签