In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-08 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly introduces "what is HttpSecurity". In daily operation, I believe many people have doubts about what HttpSecurity is. The editor consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful for you to answer the doubts about "what is HttpSecurity?" Next, please follow the editor to study!
1. reel silk from cocoons -- make a painstaking investigation
First, let's take a look at HttpSecurity's inheritance diagram:
As you can see, HttpSecurity inherits from AbstractConfiguredSecurityBuilder and implements both SecurityBuilder and HttpSecurityBuilder interfaces.
Let's look at the definition of HttpSecurity:
Public final class HttpSecurity extends
AbstractConfiguredSecurityBuilder
Implements SecurityBuilder
HttpSecurityBuilder {
/ /...
}
Every class here has generics, which makes people a little dazzling.
Let me take out this generic class and tell you about it, and my friends will understand.
There are mainly two generics, DefaultSecurityFilterChain and HttpSecurity,HttpSecurity, needless to say, this is our protagonist today, so what is DefaultSecurityFilterChain?
We have to start with SecurityFilterChain.
1.1 SecurityFilterChain
Let's take a look at the definition:
Public interface SecurityFilterChain {
Boolean matches (HttpServletRequest request)
List getFilters ()
}
SecurityFilterChain is actually what we usually call the filter chain in Spring Security, which defines two methods, one is the matches method used to match the request, and the other getFilters method returns a List collection in which there is a Filter object. When a request comes, use the matches method to compare whether the request matches the current chain, and if it matches, return the filter in the getFilters method. The current request then passes through the filters in the List collection one by one. this
The SecurityFilterChain interface has only one implementation class, and that is DefaultSecurityFilterChain:
Public final class DefaultSecurityFilterChain implements SecurityFilterChain {
Private static final Log logger = LogFactory.getLog (DefaultSecurityFilterChain.class)
Private final RequestMatcher requestMatcher
Private final List filters
Public DefaultSecurityFilterChain (RequestMatcher requestMatcher, Filter... Filters) {
This (requestMatcher, Arrays.asList (filters))
}
Public DefaultSecurityFilterChain (RequestMatcher requestMatcher, List filters) {
Logger.info ("Creating filter chain:" + requestMatcher + "," + filters)
This.requestMatcher = requestMatcher
This.filters = new ArrayList (filters)
}
Public RequestMatcher getRequestMatcher () {
Return requestMatcher
}
Public List getFilters () {
Return filters
}
Public boolean matches (HttpServletRequest request) {
Return requestMatcher.matches (request)
}
@ Override
Public String toString () {
Return "[" + requestMatcher + "," + filters + "]"
}
}
DefaultSecurityFilterChain only implements the methods in SecurityFilterChain, and there is nothing particularly worth talking about, so Brother Song will not talk about it.
So from the above introduction, you can see that DefaultSecurityFilterChain is actually equivalent to a filter chain in Spring Security, a DefaultSecurityFilterChain represents a filter chain, if there are multiple filter chains in the system, there will be multiple DefaultSecurityFilterChain objects.
Next, let's sort out the parent classes of HttpSecurity.
1.2 SecurityBuilderpublic interface SecurityBuilder {
O build () throws Exception
}
SecurityBuilder is used to build a filter chain. When HttpSecurity implements SecurityBuilder, the generic type passed in is DefaultSecurityFilterChain, so the function of the SecurityBuilder#build method is very clear, which is used to build a filter chain.
1.3 HttpSecurityBuilder
HttpSecurityBuilder see that names are used to build HttpSecurity. However, it is only an interface. The specific implementation is in HttpSecurity. The interface is defined as follows:
Public interface HttpSecurityBuilder extends
SecurityBuilder {
C getConfigurer (
Class clazz)
C removeConfigurer (
Class clazz)
Void setSharedObject (Class sharedType, C object)
C getSharedObject (Class sharedType)
H authenticationProvider (AuthenticationProvider authenticationProvider)
H userDetailsService (UserDetailsService userDetailsService) throws Exception
H addFilterAfter (Filter filter, Class)
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.