我收到一个错误 httpBasic(withDefaults()) is undefined 类型 ServerHttpSecurity.AuthorizeExchangeSpec

Posted

技术标签:

【中文标题】我收到一个错误 httpBasic(withDefaults()) is undefined 类型 ServerHttpSecurity.AuthorizeExchangeSpec【英文标题】:I am getting an error httpBasic(withDefaults()) is undefined for the type ServerHttpSecurity.AuthorizeExchangeSpec 【发布时间】:2021-06-22 21:51:42 【问题描述】:

我正在研究 Webflux 的 Spring 安全性。当我尝试设置从 org.springframework.security.config.Customizer.withDefaults 导入的 withDefaults() 时,它会抛出错误

该类型的方法 httpBasic(withDefaults()) 未定义 ServerHttpSecurity.AuthorizeExchangeSpec

。这是我到目前为止构建的代码。我正在尝试从 Spring Security 示例构建此类。任何帮助将不胜感激。

import static org.springframework.security.config.Customizer.withDefaults;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.header.XFrameOptionsServerHttpHeadersWriter;

@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
public class SecurityConfig 
    @Bean
    public MapReactiveUserDetailsService userDetailsService() 
        UserDetails user = User.withDefaultPasswordEncoder()
            .username("user")
            .password("password")
            .roles("USER")
            .build();
        UserDetails admin = User.withDefaultPasswordEncoder()
                .username("admin")
                .password("password")
                .roles("USER","ADMIN")
                .build();
        return new MapReactiveUserDetailsService(user, admin);
    
    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) 
        http
            .headers()
                .frameOptions().mode(XFrameOptionsServerHttpHeadersWriter.Mode.SAMEORIGIN);
        http
            .authorizeExchange()
                .anyExchange().authenticated()
            .httpBasic(withDefaults())
            .formLogin();
        return http.build();

【问题讨论】:

【参考方案1】:

尝试插入and 语句以结束前一个语句并开始一个新语句。

.authorizeExchange()
                .anyExchange().authenticated()
            .and()
            .httpBasic(withDefaults())

【讨论】:

以上是关于我收到一个错误 httpBasic(withDefaults()) is undefined 类型 ServerHttpSecurity.AuthorizeExchangeSpec的主要内容,如果未能解决你的问题,请参考以下文章

Spring Security - 多个会话取决于使用情况(登录/httpBasic)

Chrome 的 HTTP BASIC 身份验证注销问题

WebSecurityConfigurerAdapter 中 httpBasic 和 jdbcAuthentication 的用户验证问题

通过 MultiHttpSecurityConfig 实现“oauth2Login()”和“httpBasic()”同一页面

使用 ErrorController 处理 http 错误

在 Spring 中禁用登录窗口(Http Basic)[重复]