如何在 RSocketSecurity(Spring) 中创建路径 public
How to make the path public in RSocketSecurity(Spring)
我有 RSocketSecurity 配置 class
类似的东西
@Configuration
@EnableRSocketSecurity
@EnableReactiveMethodSecurity
class RSocketAuthConfiguration {
及其授权(只允许经过身份验证的用户订阅)
security.addPayloadInterceptor(interceptor).authorizePayload {
it.setup().authenticated().anyRequest().permitAll()
}
我想设置一些具有public访问权限的路由,但其中大部分应该是经过授权的。实现该目标的最佳方法是什么?
以下几行内容应该有效:
@Configuration
@EnableRSocketSecurity
@EnableReactiveMethodSecurity
class RSocketSecurityConfiguration(val authenticationService: AuthenticationService) {
@Bean
fun authorization(security: RSocketSecurity): PayloadSocketAcceptorInterceptor {
return security
.authorizePayload {
it.route("route-A").hasRole("role-A")
.route("route-B").permitAll()
}
.simpleAuthentication(Customizer.withDefaults())
.authenticationManager(authenticationService)
.build()
}
}
route-A 已通过身份验证并需要 role-A 而 route-B 是公开可用的。
Spring Security Rsocket 分别配置 setup 和 route。
下面是配置部分的例子
@Bean
public PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
return rsocket
.authorizePayload(
authorize -> {
authorize
// must have ROLE_SETUP to make connection
.setup().hasRole("SETUP")
// must have ROLE_ADMIN for routes starting with "greet."
.route("greet*").hasRole("ADMIN")
// any other request must be authenticated for
.anyRequest().authenticated();
}
)
.basicAuthentication(Customizer.withDefaults())
.build();
}
从我的 Github 中获取 the complete example。
我有 RSocketSecurity 配置 class 类似的东西
@Configuration
@EnableRSocketSecurity
@EnableReactiveMethodSecurity
class RSocketAuthConfiguration {
及其授权(只允许经过身份验证的用户订阅)
security.addPayloadInterceptor(interceptor).authorizePayload {
it.setup().authenticated().anyRequest().permitAll()
}
我想设置一些具有public访问权限的路由,但其中大部分应该是经过授权的。实现该目标的最佳方法是什么?
以下几行内容应该有效:
@Configuration
@EnableRSocketSecurity
@EnableReactiveMethodSecurity
class RSocketSecurityConfiguration(val authenticationService: AuthenticationService) {
@Bean
fun authorization(security: RSocketSecurity): PayloadSocketAcceptorInterceptor {
return security
.authorizePayload {
it.route("route-A").hasRole("role-A")
.route("route-B").permitAll()
}
.simpleAuthentication(Customizer.withDefaults())
.authenticationManager(authenticationService)
.build()
}
}
route-A 已通过身份验证并需要 role-A 而 route-B 是公开可用的。
Spring Security Rsocket 分别配置 setup 和 route。
下面是配置部分的例子
@Bean
public PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
return rsocket
.authorizePayload(
authorize -> {
authorize
// must have ROLE_SETUP to make connection
.setup().hasRole("SETUP")
// must have ROLE_ADMIN for routes starting with "greet."
.route("greet*").hasRole("ADMIN")
// any other request must be authenticated for
.anyRequest().authenticated();
}
)
.basicAuthentication(Customizer.withDefaults())
.build();
}
从我的 Github 中获取 the complete example。