|
对于最新的稳定版本,请使用 Spring Security 6.4.1! |
反应性的
如果您已经为 Reactive 应用程序执行了初始迁移步骤,那么现在可以执行特定于 Reactive 应用程序的步骤了。
用AuthorizationManager针对 Method Security
在 6.0 中,@EnableReactiveMethodSecurity违约useAuthorizationManager自true.
因此,要完成迁移,@EnableReactiveMethodSecurity删除useAuthorizationManager属性:
-
Java
-
Kotlin
@EnableReactiveMethodSecurity(useAuthorizationManager = true)@EnableReactiveMethodSecurity(useAuthorizationManager = true)更改为:
-
Java
-
Kotlin
@EnableReactiveMethodSecurity@EnableReactiveMethodSecurity传播AuthenticationServiceExceptions
AuthenticationWebFilter传播AuthenticationServiceExceptions 到ServerAuthenticationEntryPoint.
因为AuthenticationServiceException表示服务器端错误而不是客户端错误,在 6.0 中,此更改会将它们传播到容器。
因此,如果您通过设置rethrowAuthenticationServiceException太true,您现在可以像这样删除它:
-
Java
-
Kotlin
AuthenticationFailureHandler bearerFailureHandler = new ServerAuthenticationEntryPointFailureHandler(bearerEntryPoint);
bearerFailureHandler.setRethrowAuthenticationServiceException(true);
AuthenticationFailureHandler basicFailureHandler = new ServerAuthenticationEntryPointFailureHandler(basicEntryPoint);
basicFailureHandler.setRethrowAuthenticationServiceException(true);val bearerFailureHandler: AuthenticationFailureHandler = ServerAuthenticationEntryPointFailureHandler(bearerEntryPoint)
bearerFailureHandler.setRethrowAuthenticationServiceException(true)
val basicFailureHandler: AuthenticationFailureHandler = ServerAuthenticationEntryPointFailureHandler(basicEntryPoint)
basicFailureHandler.setRethrowAuthenticationServiceException(true)更改为:
-
Java
-
Kotlin
AuthenticationFailureHandler bearerFailureHandler = new ServerAuthenticationEntryPointFailureHandler(bearerEntryPoint);
AuthenticationFailureHandler basicFailureHandler = new ServerAuthenticationEntryPointFailureHandler(basicEntryPoint);val bearerFailureHandler: AuthenticationFailureHandler = ServerAuthenticationEntryPointFailureHandler(bearerEntryPoint)
val basicFailureHandler: AuthenticationFailureHandler = ServerAuthenticationEntryPointFailureHandler(basicEntryPoint)|
如果您配置了 |