弹簧安全和弹簧启动

Question

我有一个问题。为什么弹簧安全只适用于弹簧靴？ 我有以下配置：

AbstractSecurityWebApplicationInitializer

public class SecurityWebInitializer extends AbstractSecurityWebApplicationInitializer {
    }

WebSecurityConfigurerAdapter

    @Configuration
    @EnableWebSecurity
    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Autowired
        public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        ...
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            CharacterEncodingFilter filter = new CharacterEncodingFilter();
            filter.setEncoding("UTF-8");
            filter.setForceEncoding(true);
            http.addFilterBefore(filter,CsrfFilter.class);
            ...
    }

我试过这个只是添加spring安全依赖，例如：

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-core</artifactId>
    <version>5.0.3.RELEASE</version>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>5.0.3.RELEASE</version>
</dependency>

但它不起作用，但是当我添加时

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <version>1.5.2.RELEASE</version>
        </dependency>

它开始工作了。为什么 spring security 只适用于 spring boot？

Answer 1

Spring Security 也可以在没有 Spring Boot 的情况下工作。使用以下依赖项即可。

    <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>4.1.3.RELEASE</version>
        </dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
    <version>${spring.ver}</version>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>4.1.3.RELEASE</version>
</dependency>

Answer 2

Spring Security 与 Spring Boot 没有任何依赖关系。它是 spring 的一个模块，用于处理安全相关的功能。

有不同的方式来实现 Spring Security

1. 通过 maven :- 通过使用以下配置更新 pom.xml

   <dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-core</artifactId>
   </dependency>
   
   <dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-web</artifactId>
   </dependency>
   
   <dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-ldap</artifactId>
   </dependency>
   
   <dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-taglibs</artifactId>
   </dependency>
   
   <dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-config</artifactId>
   </dependency>
   

2. 通过 Gradle :- 通过添加以下配置 build.gradle

   compile "org.springframework.security:spring-security-core:$springSecurityVersion"
   
       compile "org.springframework.security:spring-security-web:$springSecurityVersion"
   
       compile "org.springframework.security:spring-security-ldap:$springSecurityVersion"
   
       compile "org.springframework.security:spring-security-taglibs:$springSecurityVersion"
   
       compile "org.springframework.security:spring-security-acl:$springSecurityVersion"
   
       compile "org.springframework.security:spring-security-config:$springSecurityVersion"
   

3. 通过在项目构建路径中添加spring security jar文件。