2
我试图找出如何执行以下操作使用Spring Security:允许访问一个网址的用户名/密码等人从IP地址
我需要让对某个端点的外部访问,在/webhooks/
,但用HTTP基本用户名/密码保护它。在所有其他端点上,访问必须受到限制,但某些子网除外。
这是我到目前为止。这不起作用,因为一切都被拒绝了。
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* Created on 27 July 2016 @ 1:49 PM
* Component for project "security"
*/
@Configuration
@EnableWebSecurity
@PropertySource("classpath:/test.properties")
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${test.webhooks.username}")
private String username;
@Value("${test.webhooks.password}")
private String password;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/webhooks/").authenticated()
.and().authorizeRequests()
.antMatchers("/**").hasIpAddress("10.0.0.0/8")
.antMatchers("/**").hasIpAddress("172.16.0.0/16")
.antMatchers("/**").hasIpAddress("192.168.1.0/24")
.antMatchers("/**").hasIpAddress("172.0.0.0/8")
.antMatchers("/**").denyAll()
;
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder
.inMemoryAuthentication()
.withUser(username).password(password).roles("WEBHOOKS_ACCESS")
;
}
}
任何帮助将是可怕的!我不确定链接的蚂蚁匹配器在任何情况下都是正确的。