为什么 类 扩展 WebSecurityConfigurerAdapter 而不声明任何 bean 都带有配置注释?
Why classes extending WebSecurityConfigurerAdapter and not declaring any bean are annotated with configuration?
根据@Configuration documentation:
Indicates that a class declares one or more @Bean methods and may be processed by the Spring container to generate bean definitions and service requests for those beans at runtime, for example:
@Configuration
public class AppConfig {
@Bean
public MyBean myBean() {
//instantiate, configure and return bean ...
}
}
我一直记得我遇到过 类 扩展 WebSecurityConfigurerAdapter
,它不包含任何 @Bean
方法,并用 @Configuration
注释。
它甚至在官方博客和一些示例中,请参见:
https://spring.io/blog/2013/07/03/spring-security-java-config-preview-web-security
@Configuration
@EnableWebSecurity
public class HelloWebSecurityConfiguration
extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
或此处:https://docs.spring.io/spring-security/site/docs/current/reference/html/jc.html
@Order(1) 2
public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/**") 3
.authorizeRequests(authorizeRequests ->
authorizeRequests
.anyRequest().hasRole("ADMIN")
)
.httpBasic(withDefaults());
}
}
为什么这个 类 用 @Configuration
注释,即使没有 @Bean
方法?
豆子imported using the secondary "@Enable" annotation
Spring features such as asynchronous method execution, scheduled task execution, annotation driven transaction management, and even Spring MVC can be enabled and configured from @Configuration classes using their respective "@Enable" annotations. See @EnableAsync, @EnableScheduling, @EnableTransactionManagement, @EnableAspectJAutoProxy, and @EnableWebMvc for details.
Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by extending the WebSecurityConfigurerAdapter base class and overriding individual methods:
根据@Configuration documentation:
Indicates that a class declares one or more @Bean methods and may be processed by the Spring container to generate bean definitions and service requests for those beans at runtime, for example:
@Configuration
public class AppConfig {
@Bean
public MyBean myBean() {
//instantiate, configure and return bean ...
}
}
我一直记得我遇到过 类 扩展 WebSecurityConfigurerAdapter
,它不包含任何 @Bean
方法,并用 @Configuration
注释。
它甚至在官方博客和一些示例中,请参见:
https://spring.io/blog/2013/07/03/spring-security-java-config-preview-web-security
@Configuration
@EnableWebSecurity
public class HelloWebSecurityConfiguration
extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
或此处:https://docs.spring.io/spring-security/site/docs/current/reference/html/jc.html
@Order(1) 2
public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/**") 3
.authorizeRequests(authorizeRequests ->
authorizeRequests
.anyRequest().hasRole("ADMIN")
)
.httpBasic(withDefaults());
}
}
为什么这个 类 用 @Configuration
注释,即使没有 @Bean
方法?
豆子imported using the secondary "@Enable" annotation
Spring features such as asynchronous method execution, scheduled task execution, annotation driven transaction management, and even Spring MVC can be enabled and configured from @Configuration classes using their respective "@Enable" annotations. See @EnableAsync, @EnableScheduling, @EnableTransactionManagement, @EnableAspectJAutoProxy, and @EnableWebMvc for details.
Add this annotation to an @Configuration class to have the Spring Security configuration defined in any WebSecurityConfigurer or more likely by extending the WebSecurityConfigurerAdapter base class and overriding individual methods: