官术网_书友最值得收藏!

In-memory user storage

As mentioned earlier, for various testing purposes, it's better to store the user credentials and then authenticate in memory than to use a proper database, such as MySQL. For this, just change the Spring Security configuration file (SpringSecurityConfig.java) by adding the following method:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("admin")
.password("{noop}admin@password")
//{noop} makes sure that the password encoder doesn't do anything
.roles("ADMIN") // Role of the user
.and()
.withUser("user")
.password("{noop}user@password")
.credentialsExpired(true)
.accountExpired(true)
.accountLocked(true)
.roles("USER");
}

It's important to note that the password has a prefix, {noop}, attached to it. This ensures that when the password is validated, no encoding is carried out. This is one way to avoid having password encoding errors when you run the project.

The full source code, as a fully fledged project, can be found on this book's GitHub page in the  jetty-in-memory-basic-authentication project.
主站蜘蛛池模板: 新河县| 锡林郭勒盟| 安义县| 南郑县| 菏泽市| 伊金霍洛旗| 法库县| 淮北市| 九寨沟县| 揭东县| 井研县| 铜山县| 皋兰县| 桦南县| 县级市| 房产| 沧源| 泗阳县| 舞阳县| 新晃| 察哈| 留坝县| 乳山市| 汝州市| 三穗县| 甘孜| 南汇区| 嘉鱼县| 安图县| 岱山县| 冕宁县| 三亚市| 樟树市| 绩溪县| 广水市| 井陉县| 林口县| 古蔺县| 朝阳县| 福鼎市| 彰化市|