官术网_书友最值得收藏!

In-memory user storage

As mentioned earlier, for various testing purposes, it's better to store the user credentials and then authenticate in memory than to use a proper database, such as MySQL. For this, just change the Spring Security configuration file (SpringSecurityConfig.java) by adding the following method:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("admin")
.password("{noop}admin@password")
//{noop} makes sure that the password encoder doesn't do anything
.roles("ADMIN") // Role of the user
.and()
.withUser("user")
.password("{noop}user@password")
.credentialsExpired(true)
.accountExpired(true)
.accountLocked(true)
.roles("USER");
}

It's important to note that the password has a prefix, {noop}, attached to it. This ensures that when the password is validated, no encoding is carried out. This is one way to avoid having password encoding errors when you run the project.

The full source code, as a fully fledged project, can be found on this book's GitHub page in the  jetty-in-memory-basic-authentication project.
主站蜘蛛池模板: 察雅县| 崇左市| 峨边| 微博| 聊城市| 鹤山市| 枝江市| 团风县| 句容市| 苍南县| 安国市| 洱源县| 页游| 琼海市| 富川| 治县。| 民县| 阳高县| 延长县| 阳山县| 南康市| 格尔木市| 丹阳市| 封开县| 任丘市| 广丰县| 手游| 秦皇岛市| 静乐县| 浮山县| 顺义区| 白沙| 达日县| 介休市| 柯坪县| 永靖县| 昌宁县| 甘德县| 五莲县| 西和县| 日土县|