以下代码是错误的,但我希望有一天会得到支持。
当然,我必须首先感谢spring安全性和相关组件的开发人员。感谢您允许我们如此轻松地编写安全的软件。
@Configuration
class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("AdminerDetailsService")
UserDetailsService adminerDetailsService;
@Autowired
@Qualifier("UserDetailsService")
UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/backend-admin/**").hasRole("REGULAR")
.userDetailsService(adminerDetailsService)
.loginProcessingUrl("/login/admin")
.authorizeRequests()
.antMatchers("/backend-ContentCentre/**").hasRole("NORMAL")
.userDetailsService(userDetailsService)
.loginProcessingUrl("/login/user")
.anyRequest().permitAll();
}
}
The above code basically shows my intention. Users accessing /backend-ContentCentre use different UserDetailService implementation from that for accessing /backend-admin. How should I configure to achieve this target?
非常感谢。
