Java – spring secure stateless configuration

2019-12-18 • Java

I tried to follow the document http://static.springsource.org/spring-security/site/docs/3.1.x/reference/security-filter-chain.html#filter -Chains with ns to implement stateless authentication in spring

So in my spring security XML, I have

<!-- Stateless RESTful service using Basic authentication -->  
<http pattern="/restful/**" create-session="stateless">  
  <intercept-url pattern='/**' access='ROLE_REMOTE' />  
  <http-basic />  
</http>

When I test it with a browser, I need to authenticate the first request But then it wasn't According to my understanding, I should see the user login prompt Is there anything I miss?

Solution

In the case of basic authentication, the browser will remember the credentials you entered and automatically send subsequent requests

To ensure that your configuration is indeed stateless, you can try to make some requests (with and without authentication) using the command-line tool (WGet, curl)

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.

THE END

Java

二维码

Use of deprecated and suppress annotations in kotlin basic learning

< <上一篇

JPA: use @ generatedvalue on non ID columns

下一篇>>

搜索内容

Java – spring secure stateless configuration

Solution

热门文章