-
Notifications
You must be signed in to change notification settings - Fork 1
/
spring-security.drawio
2317 lines (2317 loc) · 359 KB
/
spring-security.drawio
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<mxfile host="Electron" modified="2024-03-14T09:50:32.051Z" agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.6.5 Chrome/114.0.5735.243 Electron/25.3.1 Safari/537.36" etag="EEPJaWI2VQzF1mAxYWWQ" version="21.6.5" type="device" pages="2">
<diagram id="izJUiE_6dcGGzq4-B36X" name="SpringSecurity工作流程">
<mxGraphModel dx="3403" dy="879" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="1169" pageHeight="827" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="KUAb-_XNP9Eb_uavuq1S-264" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0;exitDx=0;exitDy=0;entryX=0;entryY=0.75;entryDx=0;entryDy=0;fontSize=8;fontColor=#007FFF;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-262" target="KUAb-_XNP9Eb_uavuq1S-225" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1600" y="2060" />
<mxPoint x="1600" y="1620" />
<mxPoint x="2240" y="1620" />
<mxPoint x="2240" y="586" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-265" value="配置的认证管理器 默认是&nbsp;<b style="font-size: 10px ; background-color: rgb(248 , 249 , 250)">DefaultPasswordEncoderAuthenticationManagerBuilder</b>" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=8;fontColor=#007FFF;" parent="KUAb-_XNP9Eb_uavuq1S-264" vertex="1" connectable="0">
<mxGeometry x="-0.9756" y="-1" relative="1" as="geometry">
<mxPoint x="162" y="9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-495" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.88;exitY=0.017;exitDx=0;exitDy=0;entryX=0.88;entryY=1;entryDx=0;entryDy=0;entryPerimeter=0;fontSize=9;fontColor=#007FFF;endArrow=classic;endFill=1;exitPerimeter=0;fillColor=#e51400;strokeColor=#B20000;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-464" target="KUAb-_XNP9Eb_uavuq1S-322" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-468" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.75;exitY=0;exitDx=0;exitDy=0;entryX=0.75;entryY=1;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-386" target="KUAb-_XNP9Eb_uavuq1S-322" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-1" value="<h1>Spring Security 工作流程&nbsp;</h1><div style="font-size: 11px"><font style="font-size: 11px">版本:<br>spring-boot-starter-security:2.1.10.RELEASE</font></div><div style="font-size: 11px"><font style="font-size: 11px">依赖:</font></div><div style="font-size: 11px"><font style="font-size: 11px">spring-boot-starter:2.1.0.RELEASE<br></font></div><div style="font-size: 11px"><font style="font-size: 11px">spring-security-config:5.1.7.RELEASE</font></div><div style="font-size: 11px"><font style="font-size: 11px">spring-security-web:5.1.7.RELEASE</font><br></div><div><br></div>" style="text;html=1;strokeColor=none;fillColor=none;spacing=5;spacingTop=-20;whiteSpace=wrap;overflow=hidden;rounded=0;" parent="1" vertex="1">
<mxGeometry x="20" y="20" width="400" height="130" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-15" value="<font color="#007fff" style="font-size: 8px">@ConditionalOnClass</font>" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-3" target="mgh684Ju6QphpoWxp4na-14" edge="1">
<mxGeometry y="10" relative="1" as="geometry">
<mxPoint as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-24" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=8;" parent="1" source="mgh684Ju6QphpoWxp4na-3" target="mgh684Ju6QphpoWxp4na-16" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="450" y="830" />
<mxPoint x="450" y="910" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-25" value="@Import" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=8;entryX=0.1;entryY=0.5;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="mgh684Ju6QphpoWxp4na-3" target="mgh684Ju6QphpoWxp4na-26" edge="1">
<mxGeometry x="0.6199" y="10" relative="1" as="geometry">
<mxPoint x="400" y="1030" as="targetPoint" />
<mxPoint as="offset" />
<Array as="points">
<mxPoint x="450" y="830" />
<mxPoint x="450" y="1070" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-3" value="<font style="font-size: 10px">SecurityAutoConfiguration</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="240" y="800" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-5" value="先分析Maven pom 依赖<br>查到下面自动配置类<br>Security 的自动配置类位于 Spring-boot-starter 内" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" parent="1" vertex="1">
<mxGeometry x="195" y="750" width="290" height="50" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-255" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;fontColor=#007FFF;" parent="1" source="mgh684Ju6QphpoWxp4na-8" target="KUAb-_XNP9Eb_uavuq1S-254" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-8" value="<font style="font-size: 8px"><span style="font-size: 10px">SecurityFilterAutoConfiguration</span><br><font color="#007fff" style="font-size: 8px">将Security的过滤器链注册到Spring Web, 可通过 spring.security.filter.order 配置顺序,默认-100</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="240" y="1320" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-12" value="<font style="font-size: 10px">其他,暂略</font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="240" y="1440" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-28" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;" parent="1" source="mgh684Ju6QphpoWxp4na-14" target="mgh684Ju6QphpoWxp4na-27" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-14" value="<font style="font-size: 10px">DefaultAuthenticationEventPublisher</font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="500" y="800" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-16" value="<font><span style="font-size: 10px">SecurityProperties<br></span><font color="#007fff"><span style="font-size: 10px">自动注入的配置类,前缀spring.security,</span><br><span style="font-size: 10px">包含用户认证信息User和过滤器链 Filter信息</span></font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="500" y="880" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-30" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;" parent="1" source="mgh684Ju6QphpoWxp4na-18" target="mgh684Ju6QphpoWxp4na-29" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="DT5Yx-Svt_Yo0Kt4Upq1-8" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="mgh684Ju6QphpoWxp4na-18" target="DT5Yx-Svt_Yo0Kt4Upq1-6" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-18" value="<font style="font-size: 10px">SpringBootWebSecurityConfiguration</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="500" y="960" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-32" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;" parent="1" source="mgh684Ju6QphpoWxp4na-20" target="mgh684Ju6QphpoWxp4na-31" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-20" value="<font style="font-size: 10px">WebSecurityEnablerConfiguration</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="500" y="1040" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-34" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;" parent="1" source="mgh684Ju6QphpoWxp4na-22" target="mgh684Ju6QphpoWxp4na-33" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-22" value="<font style="font-size: 10px">SecurityDataConfiguration</font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="500" y="1120" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-26" value="" style="shape=curlyBracket;whiteSpace=wrap;html=1;rounded=1;fontSize=8;" parent="1" vertex="1">
<mxGeometry x="480" y="960" width="10" height="220" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-27" value="<font style="font-size: 10px">new <b>DefaultAuthenticationEventPublisher</b>(<br>publisher)<br><font color="#007fff">创建一个认证事件发布器 Bean</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="740" y="800" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-36" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-29" target="mgh684Ju6QphpoWxp4na-35" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-29" value="<font style="font-size: 10px">DefaultConfigurerAdapter<br><font color="#007fff">默认继承&nbsp;<b>WebSecurityConfigurerAdapter<br></b>核心上下文Bean对象</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="740" y="960" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-44" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-31" target="mgh684Ju6QphpoWxp4na-43" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-51" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-31" target="mgh684Ju6QphpoWxp4na-47" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-52" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-31" target="mgh684Ju6QphpoWxp4na-49" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-3" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.25;entryDx=0;entryDy=0;" parent="1" source="mgh684Ju6QphpoWxp4na-31" target="KUAb-_XNP9Eb_uavuq1S-1" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="970" y="1310" as="targetPoint" />
<Array as="points">
<mxPoint x="960" y="1070" />
<mxPoint x="960" y="1295" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-31" value="<font><span style="font-size: 10px">@EnableWebSecurity<br></span><span style="font-size: 10px"><font color="#007fff">主要就是引入一个注解,表示启用Security功能,里面有个debug字段,设置为true可以打印Spring Security DEBUG日志</font></span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="740" y="1040" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-33" value="<font style="font-size: 10px"><span style="font-size: 10px">new SecurityEvaluationContextExtension()</span><br><div><font color="#007fff"><span>创建用于安全拓展的Bean,比如支持</span><font face="Noto Sans SC, SF Pro SC, SF Pro Text, SF Pro Icons, PingFang SC, Helvetica Neue, Helvetica, Arial, sans-serif" style="font-size: 10px"><span style="background-color: rgba(0 , 0 , 0 , 0.05)">SpEL</span></font></font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="740" y="1120" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-35" value="<font><span style="font-size: 10px">SecurityConfig<br></span><font style="font-size: 10px" color="#007fff">测试中重写了WebSecurityConfigurerAdapter</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="980" y="960" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-38" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center">WebSecurityConfigurerAdapter<i>&nbsp;修改</i><i style="background-color: initial;">配置</i><i style="background-color: initial;">的窗口类,新版本已经废弃</i></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">此配置类用于创建后面的 WebSecurity HttpSecurity等</font></p><p style="margin: 0px ; margin-left: 4px"><br></p><p style="margin: 0px ; margin-left: 4px">private ApplicationContext context;</p><p style="margin: 0px ; margin-left: 4px">private ContentNegotiationStrategy <b>contentNegotiationStrategy</b> = new HeaderContentNegotiationStrategy();</p><p style="margin: 0px ; margin-left: 4px">private ObjectPostProcessor&lt;Object&gt; <b>objectPostProcessor</b> = new ObjectPostProcessor&lt;Object&gt;() {...};</p><p style="margin: 0px ; margin-left: 4px">private AuthenticationConfiguration <b>authenticationConfiguration</b>;</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//DefaultPasswordEncoderAuthenticationManagerBuilder 用于构造密码编码器和认证管理器</font></p><p style="margin: 0px ; margin-left: 4px">private AuthenticationManagerBuilder <b>authenticationBuilder</b>;</p><span style="color: rgb(0 , 127 , 255)">&nbsp; //DefaultPasswordEncoderAuthenticationManagerBuilder</span><span>&nbsp;</span><span style="color: rgb(0 , 127 , 255)"><br></span><p style="margin: 0px ; margin-left: 4px">private AuthenticationManagerBuilder <b>localConfigureAuthenticationBldr</b>;</p><p style="margin: 0px ; margin-left: 4px">private boolean disableLocalConfigureAuthenticationBldr;</p><p style="margin: 0px ; margin-left: 4px">private boolean authenticationManagerInitialized;</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">&nbsp;//构造的认证管理器</font></p><p style="margin: 0px ; margin-left: 4px">private AuthenticationManager <b>authenticationManager</b>;</p><p style="margin: 0px ; margin-left: 4px">private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();</p><p style="margin: 0px ; margin-left: 4px">private <b>HttpSecurity</b> <b>http</b>;</p><p style="margin: 0px ; margin-left: 4px">private boolean disableDefaults;</p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><br></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;" parent="1" vertex="1">
<mxGeometry x="-680" y="240" width="640" height="300" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-25" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-39" target="KUAb-_XNP9Eb_uavuq1S-24" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-181" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;dashed=1;" parent="1" source="mgh684Ju6QphpoWxp4na-39" target="KUAb-_XNP9Eb_uavuq1S-180" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-39" value="请求拦截器链" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="40" y="1560" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-54" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="mgh684Ju6QphpoWxp4na-43" target="mgh684Ju6QphpoWxp4na-53" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-205" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="mgh684Ju6QphpoWxp4na-43" target="KUAb-_XNP9Eb_uavuq1S-204" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-43" value="<font style="font-size: 9px"><span style="font-size: 10px"><b>WebSecurityConfiguration</b><br></span><font color="#007fff" style="font-size: 9px">这里面做了很多,不过只关注<br>最重要的springSecurityFilterChain</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="980" y="1040" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-47" value="<font><span style="font-size: 10px">SpringWebMvcImportSelector</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="980" y="1120" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-49" value="<font><span style="font-size: 10px">OAuth2ImportSelector</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="980" y="1200" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-9" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;" parent="1" source="mgh684Ju6QphpoWxp4na-53" target="KUAb-_XNP9Eb_uavuq1S-8" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-53" value="<font><span style="font-size: 10px"><b>@Bean <br></b>Filter <b>springSecurityFilterChain</b>()<br></span><font style="font-size: 10px;" color="#007fff">最后创建的所有过滤器链都在此Bean中</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e3c800;strokeColor=#B09500;fontColor=#000000;" parent="1" vertex="1">
<mxGeometry x="1180" y="1040" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="mgh684Ju6QphpoWxp4na-55" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center"><i>WebSecurityConfiguration</i><br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px">private <b>WebSecurity</b> webSecurity;</p><p style="margin: 0px ; margin-left: 4px">private Boolean debugEnabled;</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//用户自定义的配置类</font></p><p style="margin: 0px ; margin-left: 4px">private <b>List&lt;SecurityConfigurer&lt;Filter, WebSecurity&gt;&gt;</b> webSecurityConfigurers;</p><p style="margin: 0px ; margin-left: 4px">private ClassLoader beanClassLoader;</p><p style="margin: 0px ; margin-left: 4px">private <b>ObjectPostProcessor&lt;Object&gt;</b> objectObjectPostProcessor;</p><hr size="1"><p style="margin: 0px ; margin-left: 4px">void setFilterChainProxySecurityConfigurer()<br>Filter springSecurityFilterChain()<br></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;" parent="1" vertex="1">
<mxGeometry x="-520" y="560" width="480" height="180" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-5" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-1" target="KUAb-_XNP9Eb_uavuq1S-4" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-1" value="<font><span style="font-size: 10px">@EnableGlobalAuthentication</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="980" y="1280" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-4" value="<font><span style="font-size: 10px">@Import(<br><b>AuthenticationConfiguration</b>.class)<br></span><font color="#007fff" style="font-size: 10px">用于配置认证信息</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1180" y="1280" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="qwSPwGrAE5PhXKtDNLOx-14" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-8" target="qwSPwGrAE5PhXKtDNLOx-9" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-8" value="<font><span style="font-size: 10px"><b>webSecurity</b>.<b>build</b>()<br></span><font color="#007fff" style="font-size: 10px">构造安全过滤器链,<b>WebSecurity 中可能有多个HttpSecurity</b></font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1420" y="1040" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-21" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-18" target="KUAb-_XNP9Eb_uavuq1S-20" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-220" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-18" target="KUAb-_XNP9Eb_uavuq1S-219" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-18" value="<font style="font-size: 10px"><div>beforeInit();</div><div><b>init</b>();</div><div><font color="#007fff">遍历过滤器的配置类,执行初始化</font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2020" y="1200" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-23" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;exitX=0.5;exitY=1;exitDx=0;exitDy=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-20" target="KUAb-_XNP9Eb_uavuq1S-22" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="2100" y="1400" as="sourcePoint" />
</mxGeometry>
</mxCell>
<mxCell id="qwSPwGrAE5PhXKtDNLOx-4" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-20" target="qwSPwGrAE5PhXKtDNLOx-3" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-20" value="<font style="font-size: 10px"><div>beforeConfigure();</div><div><b>configure</b>();</div><div><font color="#007fff">遍历过滤器的配置类<b>,</b>执行配置方法,这里<b>创建过滤器</b></font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2020" y="1300" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-242" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-22" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="2220" y="1430" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-22" value="<font style="font-size: 10px">O result = <b>performBuild</b>();<br>return result;<br><font color="#007fff">创建过滤器链</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2020" y="1400" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-27" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-24" target="KUAb-_XNP9Eb_uavuq1S-26" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-24" value="<font style=""><b style="font-size: 10px;">ApplicationFilterChain</b>#doFilter()<br><font color="#007fff"><span style="font-size: 10px;">SpringMVC 的请求拦截器链</span><br></font><font style="font-size: 10px;" color="#007fff">责任链模式,过滤器数组,doFilter()相当于递归调用,每调用一次过滤器pos++</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="240" y="1560" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-39" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=10;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-26" target="KUAb-_XNP9Eb_uavuq1S-38" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-26" value="<div><span style="font-size: 10px">OrderedCharacterEncodingFilter characterEncodingFilter</span></div><div><span style="font-size: 10px">OrderedHiddenHttpMethodFilter hiddenHttpMethodFilter</span></div><div><span style="font-size: 10px">OrderedFormContentFilter formContentFilter</span></div><div><span style="font-size: 10px">OrderedRequestContextFilter requestContextFilter</span></div><div><span style="font-size: 10px"><b>DelegatingFilterProxyRegistrationBean$1 springSecurityFilterChain</b></span></div><div><span style="font-size: 10px">WsFilter "Tomcat WebSocket (JSR356) Filter"</span></div>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="480" y="1540" width="320" height="100" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-28" value="<font color="#007fff">前4个过滤器属于Spring MVC,分别负责读取请求 编码类型、请求类型、表单参数、原始请求<br>存储到&nbsp;HttpServletRequest 封装类型对象<br><b>第5个过滤器就是Spring Security 安全过滤器链</b></font>" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=10;" parent="1" vertex="1">
<mxGeometry x="480" y="1640" width="440" height="50" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-52" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-29" target="KUAb-_XNP9Eb_uavuq1S-51" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-29" value="<div style="font-size: 10px;"><font style="font-size: 10px;">WebAsyncManagerIntegrationFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">SecurityContextPersistenceFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">HeaderWriterFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">CsrfFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">LogoutFilter</font></div><div style="font-size: 10px;"><b><font style="font-size: 10px;">UsernamePasswordAuthenticationFilter</font></b></div><div style="font-size: 10px;"><font style="font-size: 10px;">DefaultLoginPageGeneratingFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">DefaultLogoutPageGeneratingFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">RequestCacheAwareFilter</font></div><div style="font-size: 10px;"><b><font style="font-size: 10px;">SecurityContextHolderAwareRequestFilter</font></b></div><div style="font-size: 10px;"><font style="font-size: 10px;">AnonymousAuthenticationFilter</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">SessionManagementFilter</font></div><div style="font-size: 10px;"><b><font style="font-size: 10px;">ExceptionTranslationFilter</font></b></div><div style="font-size: 10px;"><b><font style="font-size: 10px;">FilterSecurityInterceptor</font></b></div><div style="font-size: 10px;"><font style="font-size: 10px;">...</font></div>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=5;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1340" y="1640" width="240" height="220" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-34" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;dashed=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-32" target="mgh684Ju6QphpoWxp4na-39" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-35" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=10;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-32" target="mgh684Ju6QphpoWxp4na-3" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-250" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-32" target="mgh684Ju6QphpoWxp4na-8" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-251" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-32" target="mgh684Ju6QphpoWxp4na-12" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="DT5Yx-Svt_Yo0Kt4Upq1-2" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-32" target="DT5Yx-Svt_Yo0Kt4Upq1-1" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-32" value="自动配置阶段" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="40" y="800" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-42" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-38" target="KUAb-_XNP9Eb_uavuq1S-41" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-38" value="<font style="font-size: 10px"><span style="font-size: 10px"><b>FilterChainProxy</b>#doFilter()</span><br><font color="#007fff"><font style="font-size: 10px">执行 springSecurityFilterChain 过滤器链<br></font>一层层地过滤</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="840" y="1560" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-44" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-41" target="KUAb-_XNP9Eb_uavuq1S-43" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-305" value="" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-41" target="KUAb-_XNP9Eb_uavuq1S-304" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-306" value="" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-41" target="KUAb-_XNP9Eb_uavuq1S-304" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-308" value="" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-41" target="KUAb-_XNP9Eb_uavuq1S-307" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-41" value="<font style="font-size: 10px;">fwRequest = this.firewall.<b>getFirewalledRequest</b>(<br>(HttpServletRequest)request);<br>filters = this.<b>getFilters</b>((HttpServletRequest)fwRequest);<br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1080" y="1560" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-46" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-43" target="KUAb-_XNP9Eb_uavuq1S-45" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-43" value="<font style="font-size: 10px;"><span style="">FilterChainProxy.VirtualFilterChain vfc = new FilterChainProxy.<b>VirtualFilterChain</b>(fwRequest, chain, filters);<br></span><font style="font-size: 10px;" color="#007fff">这个过滤器链和前面的过滤器链调用原理一样</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1080" y="1640" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-47" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-45" target="KUAb-_XNP9Eb_uavuq1S-29" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-45" value="<font style="font-size: 10px;"><font style="font-size: 10px;">vfc.<b>doFilter</b>(fwRequest, fwResponse);<br></font><font style="font-size: 10px;" color="#007fff">这个测试中SpringSecurity创建了14个过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1080" y="1720" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="Fbp7wKhLBmgoR31z9oyL-13" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;dashed=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-49" target="Fbp7wKhLBmgoR31z9oyL-7" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-49" value="<font style="font-size: 10px;"><span style="font-size: 10px">OncePerRequestFilter<br></span><font style="font-size: 10px;" color="#007fff"><font style="font-size: 10px;"><b>左边多数拦截器都继承此过滤器<br></b></font>每个请求只会执行一次的过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1620" y="1641" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-56" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-51" target="KUAb-_XNP9Eb_uavuq1S-55" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-51" value="<font style="font-size: 10px"><span>WebAsyncManagerIntegrationFilter#<br></span>doFilterInternal()<br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="1720" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-53" value="通过在 HttpServletRequest 中添加 Attribute (filterName..FILTERED)&nbsp;<br>记录当前执行器是否已经执行过,已经执行过则直接跳过,继续执行下一个拦截器<br><br>每次执行拦截处理 doFilterInternal() 之前都会额外判断是否是异步请求以及是否是错误调度请求,<br>如果是异步请求且设置了不需要过滤异步请求或者请求中包含错误属性(发生异常会在request中添加属性 <br><b>javax.servlet.error.request_uri</b>)都不会执行实际拦截,而是直接交给下一个拦截器<br>参考:!this.skipDispatch(httpRequest) &amp;&amp; !this.shouldNotFilter(httpRequest)" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1820" y="1620" width="490" height="100" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-54" value="<div style="text-align: left">Spring Security 此版本总共提供了 32个过滤器</div>这些过滤器主要的逻辑基本都在 doFilterInternal()&nbsp;<br>或 doFilter() 方法" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1340" y="1856" width="240" height="50" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-58" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-55" target="KUAb-_XNP9Eb_uavuq1S-57" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-55" value="<font><span style="font-size: 10px">WebAsyncManager asyncManager = WebAsyncUtils.getAsyncManager(request);</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="1720" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-60" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-57" target="KUAb-_XNP9Eb_uavuq1S-59" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-57" value="<font style="font-size: 9px"><div>asyncManager.<b>registerCallableInterceptor</b>(<br>CALLABLE_INTERCEPTOR_KEY,</div><div><span>					</span>new <b>SecurityContextCallableProcessingInterceptor</b>());<br><font color="#007fff">就是确保注册安全上下文异步结果处理拦截器</font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1840" y="1801" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-62" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-59" target="KUAb-_XNP9Eb_uavuq1S-61" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="1910" />
<mxPoint x="1720" y="1910" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-59" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="1880" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-65" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-61" target="KUAb-_XNP9Eb_uavuq1S-64" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-61" value="<font style="font-size: 10px">SecurityContextPersistenceFilter<span>#<br></span>doFilter()<br><font color="#007fff">用于安全上下文持久化</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e3c800;strokeColor=#B09500;fontColor=#000000;" parent="1" vertex="1">
<mxGeometry x="1620" y="1920" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-63" value="TODO 结合<span style="font-size: 10px">WebAsyncManager看其应用</span>" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=9;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="2080" y="1821" width="190" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-67" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-64" target="KUAb-_XNP9Eb_uavuq1S-66" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-64" value="<font style="font-size: 9px"><div><b>HttpRequestResponseHolder</b> holder = new HttpRequestResponseHolder(request,</div><div><span>				</span>response);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="1920" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-69" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-66" target="KUAb-_XNP9Eb_uavuq1S-68" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-326" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-66" target="KUAb-_XNP9Eb_uavuq1S-325" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-66" value="<font><font><b style="font-size: 10px">SecurityContext</b><span style="font-size: 10px"> contextBeforeChainExecution = repo.loadContext(holder);</span><br></font><font color="#007fff" size="1">加载安全上下文信息,首次新建</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=8;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1860" y="2000" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-71" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-68" target="KUAb-_XNP9Eb_uavuq1S-70" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-68" value="<font><font><b style="font-size: 11px">SecurityContextHolder</b><span style="font-size: 11px">.setContext(</span><br><span style="font-size: 11px">contextBeforeChainExecution);</span><br><font style="font-size: 10px" color="#007fff">将安全上下文设置到SecurityContextHolder这里是存储到线程本地(ThreadLocal)</font></font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1860" y="2080" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-73" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-70" target="KUAb-_XNP9Eb_uavuq1S-72" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="2190" />
<mxPoint x="1720" y="2190" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-75" value="finally" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-70" target="KUAb-_XNP9Eb_uavuq1S-74" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-70" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="2160" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-77" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-72" target="KUAb-_XNP9Eb_uavuq1S-76" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-72" value="<font style="font-size: 9px"><span style="font-size: 10px">HeaderWriterFilter</span><span style="font-size: 10px">#doFilterInternal()</span><br><font color="#007fff" style="font-size: 9px"><span>主要是在Request和Response中包装了</span><br><span>List&lt;HeaderWriter&gt; headerWriters, 并在<br></span>请求返回后写header</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="2200" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-74" value="<font style="font-size: 9px"><div>SecurityContextHolder.clearContext();</div><div>repo.<b>saveContext</b>(contextAfterChainExecution, holder.getRequest(),&nbsp;<span>holder.getResponse());</span></div><div>request.removeAttribute(FILTER_APPLIED);<br><font color="#007fff">请求从此Filter返回后,再持久化保存一下</font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;align=left;arcSize=7;" parent="1" vertex="1">
<mxGeometry x="2100" y="2080" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-79" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-76" target="KUAb-_XNP9Eb_uavuq1S-78" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-76" value="<font style="font-size: 10px"><div>HeaderWriterResponse headerWriterResponse = new <b>HeaderWriterResponse</b>(request,</div><div><span>				</span>response, this.<b>headerWriters</b>);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2200" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-81" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-78" target="KUAb-_XNP9Eb_uavuq1S-80" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-78" value="<font style="font-size: 10px"><div>HeaderWriterRequest headerWriterRequest = new <b>HeaderWriterRequest</b>(request,</div><div><span>				</span>headerWriterResponse);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2280" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-83" value="finally" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-80" target="KUAb-_XNP9Eb_uavuq1S-82" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-85" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-80" target="KUAb-_XNP9Eb_uavuq1S-84" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="2390" />
<mxPoint x="1720" y="2390" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-80" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="2360" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-82" value="<font><span style="font-size: 10px">headerWriterResponse.<b>writeHeaders</b>();</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="2100" y="2280" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-92" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-84" target="KUAb-_XNP9Eb_uavuq1S-91" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-84" value="<font style="font-size: 9px"><span style="font-size: 10px">CsrfFilter</span><span style="font-size: 10px">#doFilterInternal()</span><br><font color="#007fff">用于防止跨站请求伪造攻击</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="2400" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-86" value="<div style="font-size: 8px"><font style="font-size: 8px">测试案例中加载了5种HeaderWriter</font></div><div style="font-size: 8px"><font style="font-size: 8px">XContentTypeOptionsHeaderWriter</font></div><div style="font-size: 8px"><font style="font-size: 8px">XXssProtectionHeaderWriter</font></div><div style="font-size: 8px"><font style="font-size: 8px">CacheControlHeadersWriter</font></div><div style="font-size: 8px"><font style="font-size: 8px">HstsHeaderWriter</font></div><div style="font-size: 8px"><font style="font-size: 8px">XFrameOptionsHeaderWriter<br><br></font></div><div style="font-size: 8px"><font style="font-size: 8px">具体参考&nbsp;<br>X-Content-Type-Options, X-XSS-Protection, <br>Cache-Control, X-Frame-Options, <br>Content-Security-Policy等标头</font></div>" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=9;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1620" y="2260" width="180" height="120" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-88" value="<font style="font-size: 9px;">数据从持久化仓库中加载出来后有3种存储策略<br><br>GlobalSecurityContextHolderStrategy&nbsp; 就是本地对象<br>ThreadLocalSecurityContextHolderStrategy 线程本地<br>InheritableThreadLocalSecurityContextHolderStrategy</font>" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=8;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1620" y="1980" width="230" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-95" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-91" target="KUAb-_XNP9Eb_uavuq1S-94" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-91" value="<font><span style="font-size: 10px">CsrfToken csrfToken = this.tokenRepository.loadToken(request);<br></span><font style="font-size: 10px" color="#007fff">读取服务端存储的csrfToken, 有三种存储方式 cookie 、session、lazy</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2400" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-97" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-94" target="KUAb-_XNP9Eb_uavuq1S-96" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-94" value="<font style="font-size: 9px"><div>csrfToken 不存在就创建并保存<br>csrfToken = this.tokenRepository.<b>generateToken</b>(request);</div><div>this.tokenRepository.<b>saveToken</b>(csrfToken, request, response);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2480" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-99" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-96" target="KUAb-_XNP9Eb_uavuq1S-98" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-96" value="<font><font size="1">this.requireCsrfProtectionMatcher<br>.matches(request)<br></font><font color="#007fff" style="font-size: 10px">判断当前请求路径是否需要防CSRF,不需要的话就直接执行下一个过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2560" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-101" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-98" target="KUAb-_XNP9Eb_uavuq1S-100" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-98" value="<font><font size="1">this.requireCsrfProtectionMatcher<br>.matches(request)<br></font><font color="#007fff" style="font-size: 10px">判断当前请求路径是否需要防CSRF,不需要的话就直接执行下一个过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2640" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-103" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-100" target="KUAb-_XNP9Eb_uavuq1S-102" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-100" value="<font style="font-size: 10px"><font style="font-size: 10px"><span>String actualToken = request.getHeader(</span><br><span>csrfToken.getHeaderName());</span><br><font style="font-size: 10px" color="#007fff">读取客户端传递的CsrfToken</font></font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2720" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-107" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-102" target="KUAb-_XNP9Eb_uavuq1S-106" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-102" value="<font style="font-size: 10px"><span style="font-size: 10px">csrfToken.getToken().equals(actualToken)<br></span><font color="#007fff"><font style="font-size: 10px">比较token是否相等,不等的话异常处理<br></font>参考AccessDeniedHandlerImpl</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="2800" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-105" value="如果有指定 errorPage 就重定向到异常页面,否则返回 403" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="2070" y="2800" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-109" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-106" target="KUAb-_XNP9Eb_uavuq1S-108" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="2910" />
<mxPoint x="1720" y="2910" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-106" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="2880" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-114" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-108" target="KUAb-_XNP9Eb_uavuq1S-113" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-108" value="<font><span style="font-size: 10px">LogoutFilter#doFilter()</span><br><font color="#007fff" size="1">退出登录请求处理,只匹配 /logout</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="2920" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-110" value="服务端保存 CsrfToken 的3种实现<br><br>CookieCsrfTokenRepository<br>HttpSessionCsrfTokenRepository<br>LazyCsrfTokenRepository" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=8;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1620" y="2460" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-118" value="N" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-113" target="KUAb-_XNP9Eb_uavuq1S-117" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-120" value="Y" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=1;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-113" target="KUAb-_XNP9Eb_uavuq1S-119" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="2000" y="2980" />
<mxPoint x="2115" y="2980" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-113" value="<font style="font-size: 9px ; line-height: 1">requiresLogout(<br>request, response<br><font color="#007fff">是否是/logout请求</font><br></font>" style="rhombus;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1880" y="2920" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-115" value="RequestMatcher logoutRequestMatcher" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="2070" y="2935" width="190" height="30" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-122" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-117" target="KUAb-_XNP9Eb_uavuq1S-121" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="3110" />
<mxPoint x="1720" y="3110" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-117" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="3080" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-119" value="<font style="font-size: 8px"><div>Authentication auth = SecurityContextHolder.getContext().getAuthentication();</div><div>this.handler.<b>logout</b>(request, response, auth);</div><div>logoutSuccessHandler.<b>onLogoutSuccess</b>(request, response, auth);<br><b>return</b>;</div></font>" style="rounded=1;whiteSpace=wrap;html=1;align=left;arcSize=6;" parent="1" vertex="1">
<mxGeometry x="2000" y="3000" width="230" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-124" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-121" target="KUAb-_XNP9Eb_uavuq1S-123" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-121" value="<font><span style="font-size: 10px">UsernamePasswordAuthenticationFilter<br>#doFilter()</span><br><font style="font-size: 10px" color="#007fff">用户名密码方式身份认证,&nbsp;</font><font color="#007fff"><span style="font-size: 10px">只匹配 /login</span></font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e3c800;strokeColor=#B09500;fontColor=#000000;" parent="1" vertex="1">
<mxGeometry x="1620" y="3120" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-127" value="Y" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-123" target="KUAb-_XNP9Eb_uavuq1S-126" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="2000" y="3180" />
<mxPoint x="2110" y="3180" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-129" value="N" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-123" target="KUAb-_XNP9Eb_uavuq1S-128" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-123" value="<font style="font-size: 9px ; line-height: 1">requiresAuthentication(<br>request, response<br></font>" style="rhombus;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1880" y="3120" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-125" value="判断是否需要认证(一般都是登录请求)" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="2050" y="3130" width="120" height="40" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-135" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-126" target="KUAb-_XNP9Eb_uavuq1S-134" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-506" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-126" target="KUAb-_XNP9Eb_uavuq1S-505" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-126" value="<font><font style="font-size: 10px">authResult = attemptAuthentication(request, response);<br></font><font style="font-size: 10px" color="#007fff">内部读取预设的用户名密码与请求参数中的用户名密码对比</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;arcSize=6;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2000" y="3200" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-131" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-128" target="KUAb-_XNP9Eb_uavuq1S-130" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="3870" />
<mxPoint x="1720" y="3870" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-128" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="3840" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-141" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-130" target="KUAb-_XNP9Eb_uavuq1S-140" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-130" value="<font style="font-size: 10px"><font style="font-size: 10px">DefaultLoginPageGeneratingFilter<br></font>#doFilter()<br><font color="#007fff">针对/login请求、logout成功、login失败3种情况展示 spring security 配置的登录页面</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="3880" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-521" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=11;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-132" target="KUAb-_XNP9Eb_uavuq1S-520" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-132" value="<font style="font-size: 10px">return this.getAuthenticationManager()<br>.<b>authenticate</b>(authRequest);<br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;arcSize=6;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2260" y="3360" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-137" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-134" target="KUAb-_XNP9Eb_uavuq1S-136" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-554" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-134" target="KUAb-_XNP9Eb_uavuq1S-553" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-134" value="<font><font style="font-size: 10px">sessionStrategy.onAuthentication(authResult, request, response)<br></font><font style="font-size: 10px" color="#007fff">认证成功的话使用对应的session策略创建session,DEMO 中没用到暂略</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;arcSize=6;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2000" y="3600" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-139" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-136" target="KUAb-_XNP9Eb_uavuq1S-138" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-136" value="<font style="font-size: 10px"><span>catch:<br></span>unsuccessfulAuthentication(request, response, failed);<br><font style="font-size: 10px" color="#007fff">认证失败处理</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;arcSize=6;" parent="1" vertex="1">
<mxGeometry x="2000" y="3680" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-545" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-138" target="KUAb-_XNP9Eb_uavuq1S-544" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-138" value="<font><span style="font-size: 10px">successfulAuthentication(request, response, chain, authResult)</span><br><font style="font-size: 10px" color="#007fff">认证成功后置处理,认证结果储存、token、cookie生成、清除认证临时数据等</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;arcSize=6;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2000" y="3760" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-143" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-140" target="KUAb-_XNP9Eb_uavuq1S-142" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="3990" />
<mxPoint x="1720" y="3990" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-140" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="3960" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-145" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-142" target="KUAb-_XNP9Eb_uavuq1S-144" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-142" value="<font style="font-size: 10px"><font style="font-size: 10px">DefaultLogoutPageGeneratingFilter<br></font>#doFilterInternal()<br><font color="#007fff">针对/logout请求展示 spring security 配置的登录退出页面</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="4000" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-148" value="N" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-144" target="KUAb-_XNP9Eb_uavuq1S-147" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-150" value="Y" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-144" target="KUAb-_XNP9Eb_uavuq1S-149" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="2000" y="4060" />
<mxPoint x="2110" y="4060" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-144" value="<font style="font-size: 10px">this.matcher.matches(request)</font>" style="rhombus;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1880" y="4000" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-146" value="/logout" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="2040" y="4020" width="50" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-152" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-147" target="KUAb-_XNP9Eb_uavuq1S-151" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="4190" />
<mxPoint x="1720" y="4190" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-147" value="<font><div><span style="font-size: 10px"><span>		</span>filterChain.doFilter(request, response);</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="4160" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-149" value="<font><span style="font-size: 10px">renderLogout(request, response)</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;arcSize=6;" parent="1" vertex="1">
<mxGeometry x="2000" y="4080" width="220" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-156" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-151" target="KUAb-_XNP9Eb_uavuq1S-155" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-151" value="<font style="font-size: 10px"><font style="font-size: 10px">RequestCacheAwareFilter<br></font>#doFilter()<br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="4200" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-154" value="<font style="font-size: 9px">使用场景是在用户访问资源受到保护的Web应用程序时,如果用户未经身份验证,将请求缓存起来,并将用户重定向到登录页。当用户成功进行身份验证后,RequestCacheAwareFilter可以将之前缓存的请求恢复并继续处理,从而提供更好的用户体验。</font>" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1620" y="4260" width="200" height="90" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-158" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-155" target="KUAb-_XNP9Eb_uavuq1S-157" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-155" value="<font style="font-size: 9px"><div>HttpServletRequest <b>wrappedSavedRequest</b> = requestCache.getMatchingRequest(</div><div>(HttpServletRequest) request, (HttpServletResponse) response);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="4200" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-160" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-157" target="KUAb-_XNP9Eb_uavuq1S-159" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="4390" />
<mxPoint x="1720" y="4390" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-157" value="<font size="1"><div>chain.doFilter(wrappedSavedRequest == null ? request : wrappedSavedRequest,</div><div>response)</div></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="1860" y="4320" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-162" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-159" target="KUAb-_XNP9Eb_uavuq1S-161" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-159" value="<font style="font-size: 10px"><font style="font-size: 10px">SecurityContextHolderAwareRequestFilter<br></font><span style="font-size: 10px">#doFilter()</span><br><font color="#007fff"><span><font style="font-size: 10px">通过装饰器模式(Wrapper),将当前用户的安全上下文信息存储到请求中<br></font></span>包括身份认证和授权信息</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="4400" width="200" height="70" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-165" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-161" target="KUAb-_XNP9Eb_uavuq1S-163" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="4480" />
<mxPoint x="1720" y="4480" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-363" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-161" target="KUAb-_XNP9Eb_uavuq1S-362" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-161" value="<font size="1"><div>chain.doFilter(this.<b>requestFactory</b>.create(<br>(HttpServletRequest) req,</div><div>(HttpServletResponse) res), res);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="4405" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-168" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-163" target="KUAb-_XNP9Eb_uavuq1S-167" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-163" value="<font><font style="font-size: 10px">AnonymousAuthenticationFilter<br></font><span style="font-size: 10px">#doFilter()</span><br><font color="#007fff" style="font-size: 10px">匿名认证过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="4500" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-166" value="<font><font size="1">AnonymousAuthenticationFilter会检查当前的安全上下文中是否存在已认证的用户身份信息。如果不存在,AnonymousAuthenticationFilter会为访问设置一个匿名用户身份,并将其存储到安全上下文中。</font><br><br><font size="1">http.anonymous().principal("guest")<br>.authorities("ROLE_GUEST");&nbsp;</font><br></font>" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1620" y="4562" width="200" height="118" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-170" value="N" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-167" target="KUAb-_XNP9Eb_uavuq1S-169" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-175" value="Y" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-167" target="KUAb-_XNP9Eb_uavuq1S-174" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="2000" y="4560" />
<mxPoint x="2100" y="4560" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-167" value="<font style="font-size: 9px">SecurityContextHolder.getContext()<br>.getAuthentication() == null</font>" style="rhombus;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1">
<mxGeometry x="1880" y="4500" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-172" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-169" target="KUAb-_XNP9Eb_uavuq1S-171" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="1960" y="4710" />
<mxPoint x="1720" y="4710" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-169" value="<font><span style="font-size: 10px">chain.doFilter(req, res);</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fad9d5;strokeColor=#ae4132;" parent="1" vertex="1">
<mxGeometry x="1860" y="4680" width="200" height="20" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-368" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-171" target="KUAb-_XNP9Eb_uavuq1S-177" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-171" value="<font><font><div><span style="font-size: 10px">SessionManagementFilter</span></div></font><span style="font-size: 10px">#doFilter()</span><br><font color="#007fff" style="font-size: 10px">过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1620" y="4720" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-173" value="即检查下安全上下文中是否已经有认证信息" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=9;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="2050" y="4515" width="110" height="30" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-176" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-174" target="KUAb-_XNP9Eb_uavuq1S-169" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-367" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-174" target="KUAb-_XNP9Eb_uavuq1S-366" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-174" value="<font style="font-size: 9px"><div>SecurityContextHolder.getContext()<br>.setAuthentication(</div><div>createAuthentication((HttpServletRequest) req))<br><font color="#007fff">创建匿名认证信息</font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2000" y="4580" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-369" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-177" target="KUAb-_XNP9Eb_uavuq1S-178" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-440" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-177" target="KUAb-_XNP9Eb_uavuq1S-439" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-177" value="<font><font><div><span style="font-size: 10px">ExceptionTranslationFilter</span><br></div><div></div></font><span style="font-size: 10px">#doFilter()</span><br><font color="#007fff" style="font-size: 10px">异常catch过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e3c800;strokeColor=#B09500;fontColor=#000000;" parent="1" vertex="1">
<mxGeometry x="1620" y="4820" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-377" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=8;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-178" target="KUAb-_XNP9Eb_uavuq1S-373" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-178" value="<font><font><div><span style="font-size: 10px">FilterSecurityInterceptor</span><br></div></font><span style="font-size: 10px">#doFilter()</span><br><font color="#007fff" style="font-size: 10px">鉴授权过滤器</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e3c800;strokeColor=#B09500;fontColor=#000000;" parent="1" vertex="1">
<mxGeometry x="1620" y="5040" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-179" value="<font style="font-size: 11px;">&nbsp;如何理解SpringSecurity原理与使用:<br><br>1 SpringSecurity 的本质:一个拦截请求的<b>过滤器链</b>;分析的版本中提供了32个过滤器实现,主要提供三大功能:认证&amp;授权&amp;安全漏洞保护;<br>2 SpringSecurity 过滤器链装配到MVC(也可以是Flux)的方式和位置:通过 <b>DelegatingFilterProxyRegistrationBean</b> 的方式注册并将 <b>springSecurityFilterChain</b> 装配在 <b>ApplicationFilterChain</b> 中;<br>3 过滤器链创建原理:WebSecurity&nbsp; HttpSecurity 和&nbsp;SecurityFilterChain 的关系;<br>4 找几个典型的功能(如:用户名密码认证、接口授权、OAuth、CAS等)从配置代码到认证授权实现调试一下代码的主流程;理解配置的底层数据结构,各种功能的原理主流程<br>4.1 <b>认证</b>:通过一个凭据换取用户信息(比如用户名密码、Token),官方提供了一个用户名密码认证的例子:UsernamePasswordAuthenticationFilter&nbsp;extends AbstractAuthenticationProcessingFilter<br>4.2 <b>授权</b>:默认授权处理(权限校验)在&nbsp;<b>FilterSecurityInterceptor</b> 完成<br>5 学会如何在Spring Security 基础上为自己的业务拓展功能(官方提供的一些默认的实现其实就是最后的参考例子)<br>5.1 <b>自定义认证</b>:比如现在普遍的认证方式是借助Token令牌认证,比如实现一个 TokenAuthenticationFilter&nbsp;<br>5.2 <b>自定义授权:</b><br></font>" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=top;whiteSpace=wrap;rounded=0;fontSize=9;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="360" y="20" width="1120" height="180" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-183" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-180" target="KUAb-_XNP9Eb_uavuq1S-182" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-185" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-180" target="KUAb-_XNP9Eb_uavuq1S-184" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-285" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;dashed=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-180" target="KUAb-_XNP9Eb_uavuq1S-284" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-180" value="官方用户名密码认证<br>&amp; 接口授权" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" vertex="1">
<mxGeometry x="40" y="1920" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-190" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-182" target="KUAb-_XNP9Eb_uavuq1S-189" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-199" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-182" target="KUAb-_XNP9Eb_uavuq1S-198" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-182" value="用户名密码认证配置<br><font color="#007fff">两种方式:通过接口配置、<br>通过注解配置</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="240" y="1920" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-287" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-184" target="KUAb-_XNP9Eb_uavuq1S-286" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="PFjZbSy7WQfFXivyGzdx-4" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0;exitDx=0;exitDy=0;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-184" target="KUAb-_XNP9Eb_uavuq1S-38" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="400" y="2240" />
<mxPoint x="940" y="2240" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="PFjZbSy7WQfFXivyGzdx-5" value="<font color="#007fff">所属主流程</font>" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="PFjZbSy7WQfFXivyGzdx-4" vertex="1" connectable="0">
<mxGeometry x="-0.9623" relative="1" as="geometry">
<mxPoint as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-184" value="认证&amp;授权主流程<br><font color="#007fff">比如 未认证请求/demo/home</font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="240" y="2280" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-186" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center"><i>Authentication 身份认证信息接口</i></p><hr size="1"><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px" color="#007fff">//权限信息列表,默认是GrantedAuthority接口的一些实现类,</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px"><font style="font-size: 11px" color="#007fff">通常是代表权限信息的一系列字符串</font><br>Collection&lt;? extends GrantedAuthority&gt; getAuthorities();<br></font></p><font color="#007fff" style="font-size: 11px">&nbsp; //密码信息,用户输入的密码字符串,在认证过后通常会被移除,<br>&nbsp; 用于保障安全</font><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px">Object getCredentials();</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px" color="#007fff">//细节信息,web应用中的实现接口通常为 WebAuthenticationDetails,</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px" color="#007fff">它记录了访问者的ip地址和sessionId的值</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px">Object getDetails();</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px" color="#007fff">//身份信息,比如用户名</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px">Object getPrincipal();</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px">boolean isAuthenticated();</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px">void setAuthenticated(boolean var1)</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font style="font-size: 11px"><span style="white-space: pre">	</span>throws IllegalArgumentException;</font></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="-1560" y="1640" width="360" height="240" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-273" style="rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;fontSize=9;fontColor=#007FFF;endArrow=block;endFill=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-187" target="KUAb-_XNP9Eb_uavuq1S-270" edge="1">
<mxGeometry relative="1" as="geometry">
<mxPoint x="-850" y="1039.9999999999995" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="qwSPwGrAE5PhXKtDNLOx-2" style="rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;endArrow=diamondThin;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-187" target="KUAb-_XNP9Eb_uavuq1S-223" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-187" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center"><i><b>WebSecurity</b></i><br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><font color="#007fff"><b>WebSecurity 保存有一组创建安全过滤器链的Builder, 即保存一组 HttpSecurity</b></font></p><p style="margin: 0px ; margin-left: 4px"><br></p><p style="margin: 0px ; margin-left: 4px">private final List&lt;RequestMatcher&gt; ignoredRequests = new ArrayList&lt;&gt;();</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff"><b>// 用于创建安全过滤器链的builder列表,里面其实就是 HttpSecurity</b></font></p><p style="margin: 0px ; margin-left: 4px">private final List&lt;SecurityBuilder&lt;? extends SecurityFilterChain&gt;&gt; <b>securityFilterChainBuilders</b></p><p style="margin: 0px ; margin-left: 4px"><span style="white-space: pre">	</span>&nbsp;= new ArrayList&lt;SecurityBuilder&lt;? extends SecurityFilterChain&gt;&gt;();</p><p style="margin: 0px ; margin-left: 4px">private IgnoredRequestConfigurer ignoredRequestRegistry;</p><p style="margin: 0px ; margin-left: 4px">private FilterSecurityInterceptor <b>filterSecurityInterceptor</b>;</p><p style="margin: 0px ; margin-left: 4px">private HttpFirewall <b>httpFirewall</b>;</p><p style="margin: 0px ; margin-left: 4px">private boolean debugEnabled;</p><p style="margin: 0px ; margin-left: 4px">private WebInvocationPrivilegeEvaluator privilegeEvaluator;</p><p style="margin: 0px ; margin-left: 4px">private DefaultWebSecurityExpressionHandler <b>defaultWebSecurityExpressionHandler</b>&nbsp;</p><p style="margin: 0px ; margin-left: 4px"><span style="white-space: pre">	</span>&nbsp;= new DefaultWebSecurityExpressionHandler();</p><p style="margin: 0px ; margin-left: 4px">private SecurityExpressionHandler&lt;FilterInvocation&gt; <b>expressionHandler</b>&nbsp;</p><p style="margin: 0px ; margin-left: 4px"><span style="white-space: pre">	</span>&nbsp;= defaultWebSecurityExpressionHandler;</p><p style="margin: 0px ; margin-left: 4px">private Runnable postBuildAction = new Runnable() {...};</p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><br></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="-600" y="1080" width="560" height="320" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-271" style="rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;endArrow=block;endFill=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-188" target="KUAb-_XNP9Eb_uavuq1S-270" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-188" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center"><i><b>AuthenticationManagerBuilder</b>&nbsp; 用于构建用户信息存储、认证的管理器</i><br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px">private AuthenticationManager parentAuthenticationManager;</p><p style="margin: 0px ; margin-left: 4px">private List&lt;AuthenticationProvider&gt; <b>authenticationProviders</b> = new ArrayList&lt;&gt;();</p><p style="margin: 0px 0px 0px 4px ; font-size: 11px"><font color="#007fff" style="font-size: 11px">//默认的UserDetailsService,查询用户详情信息, 从UserDetailsManagerService 中读取</font></p><p style="margin: 0px 0px 0px 4px ; font-size: 11px">private UserDetailsService <b>defaultUserDetailsService</b>;</p><p style="margin: 0px ; margin-left: 4px">private Boolean eraseCredentials;</p><p style="margin: 0px ; margin-left: 4px">private AuthenticationEventPublisher eventPublisher;</p><p style="margin: 0px ; margin-left: 4px"><br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><br></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="-1580" y="1081" width="480" height="179" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-193" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-189" target="KUAb-_XNP9Eb_uavuq1S-192" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-189" value="接口配置<br><font style="font-size: 10px" color="#007fff">WebSecurityConfigurerAdapter,<br>spring boot 2.7.0之后已经废弃了这种配置方式<br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="440" y="1920" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-195" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-192" target="KUAb-_XNP9Eb_uavuq1S-194" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-263" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-192" target="KUAb-_XNP9Eb_uavuq1S-262" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-192" value="<font style="font-size: 10px">WebSecurityConfigurerAdapter<br><font color="#007fff">继承此类,通过@Configuration自动加载</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="640" y="1920" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-194" value="<font style="font-size: 9px;"><div style="text-align: left"><span>http</span></div><div style="text-align: left"><span><font color="#007fff">&nbsp; &nbsp; // 配置请求要求的权限</font></span></div><div style="text-align: left"><span>&nbsp; &nbsp; .authorizeRequests()</span></div><div style="text-align: left"><span>&nbsp; &nbsp; &nbsp; &nbsp; .antMatchers("/test/demo").permitAll() // 所有用户可访问</span></div><div style="text-align: left"><span>&nbsp; &nbsp; &nbsp; &nbsp; .antMatchers("/test/admin").hasRole("ADMIN") // 需要 ADMIN 角色</span></div><div style="text-align: left"><span>&nbsp; &nbsp; &nbsp; &nbsp; .antMatchers("/test/normal").access("hasRole('ROLE_NORMAL')")&nbsp;</span></div><div style="text-align: left"><span><font color="#007fff">&nbsp; &nbsp; &nbsp; &nbsp; // 兜底:其他任何请求,访问的用户都需要经过认证</font></span></div><div style="text-align: left"><span>&nbsp; &nbsp; &nbsp; &nbsp; .anyRequest().authenticated()</span><span style="background-color: initial;">.and()</span></div><div style="text-align: left"><span><font color="#007fff">&nbsp; &nbsp; // 设置 Form 表单登陆</font></span></div><div style="text-align: left"><span>&nbsp; &nbsp; .formLogin()</span></div><div style="text-align: left"><span>&nbsp; &nbsp; &nbsp; &nbsp; .permitAll() // 所有用户可访问</span></div><div style="text-align: left"><span>&nbsp; &nbsp; .and()</span></div><div style="text-align: left"><span><font color="#007fff">&nbsp; &nbsp; // 配置退出相关</font></span></div><div style="text-align: left"><span>&nbsp; &nbsp; .logout()</span></div><div style="text-align: left"><span>&nbsp; &nbsp; &nbsp; &nbsp; .permitAll(); // 所有用户可访问</span></div><div style="text-align: left"><span style="color: rgb(0, 127, 255); background-color: initial;">HttpSecurity自定义配置</span></div></font>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=3;" parent="1" vertex="1">
<mxGeometry x="840" y="1840" width="320" height="200" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-197" value="bean创建后,注入四个Bean:<br>AuthenticationTrustResolver<br>ContentNegotiationStrategy<br>ObjectPostProcessor&lt;Object&gt;<br><b>AuthenticationConfiguration</b><br>" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="640" y="1980" width="160" height="80" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-198" value="注解配置<br><div><font style="font-size: 10px" color="#007fff">@EnableGlobalMethodSecurity<br>启用,在方法上通过注解配置</font></div>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="440" y="2120" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-202" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-200" target="KUAb-_XNP9Eb_uavuq1S-201" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-203" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.75;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-200" target="KUAb-_XNP9Eb_uavuq1S-1" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-200" value="<font style="font-size: 9px"><span style="font-size: 10px">@EnableGlobalMethodSecurity</span><br><font color="#007fff" style="font-size: 9px"><span>starter 中默认没有启用这个注解,属于一个扩展项,可以在方法上配置安全访问控制,比如</span><span>@RolesAllowed、@PreAuthorize等注解</span></font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#e3c800;strokeColor=#B09500;fontColor=#000000;" parent="1" vertex="1">
<mxGeometry x="740" y="1420" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-201" value="<font><span style="font-size: 10px">@Import(<br>GlobalMethodSecuritySelector)</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="980" y="1420" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-210" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-204" target="KUAb-_XNP9Eb_uavuq1S-209" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-204" value="<font><span style="font-size: 10px">@Autowired(required = false)</span><br><span style="font-size: 10px"><b>setFilterChainProxySecurityConfigurer</b>()</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="1180" y="900" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-207" value="新建 WebSecurity 实例并执行初始化等方法;<br>从Bean容器读取 WebSecurityConfigurer 类型的 Bean,&nbsp; 也就是业务配置的 Bean;&nbsp;" style="text;html=1;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="1180" y="840" width="300" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-209" value="<font style=""><div style="font-size: 10px;">webSecurity = objectPostProcessor</div><div style="font-size: 10px;">.postProcess(new <b>WebSecurity</b>(objectPostProcessor));</div>for webSecurityConfigurers<span style="font-size: 10px;">:</span><br><span style="font-size: 10px;">webSecurity.</span><b style="font-size: 10px;">apply</b><span style="font-size: 10px;">(</span><span style="font-size: 10px;">webSecurityConfigurer)<br><font color="#007fff">webSecurityConfigurers 即自定义的配置类</font></span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="1420" y="890" width="360" height="80" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-218" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-211" target="KUAb-_XNP9Eb_uavuq1S-216" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-226" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-211" target="KUAb-_XNP9Eb_uavuq1S-225" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-211" value="<font><span style="font-size: 10px"><b>HttpSecurity</b> http = getHttp()</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2020" y="541" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-229" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-213" target="KUAb-_XNP9Eb_uavuq1S-228" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-213" value="<font style=""><div style=""><span style="font-size: 10px;">http = new </span><b style=""><font style="font-size: 12px;">HttpSecurity</font></b><span style="font-size: 10px;">(objectPostProcessor, </span><b style="font-size: 10px;">authenticationBuilder</b><span style="font-size: 10px;">,</span></div><div style="font-size: 10px;">				sharedObjects);</div></font>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=8;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2290" y="621" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-215" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;dashed=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-216" target="KUAb-_XNP9Eb_uavuq1S-217" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-216" value="<font style="font-size: 10px;"><span style="">web.<b>addSecurityFilterChainBuilder</b>(http)<br>.postBuildAction(...)<br></span><font style="font-size: 10px;" color="#007fff">表明HttpSecurity就是 WebSecurity的一个过滤器链Builder</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2020" y="1041" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-217" value="<font><div><span style="font-size: 10px">FilterSecurityInterceptor securityInterceptor = http</span></div><div><span style="font-size: 10px"><span>						</span>.<b>getSharedObject</b>(FilterSecurityInterceptor.class);</span></div><span style="font-size: 10px">web.<b>securityInterceptor</b>(securityInterceptor);</span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="2290" y="1041" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-219" value="<font><span style="font-size: 10px">for&nbsp;<b>configurers</b>:<br>configurer.<b>init</b>((B) this);</span><br><font style="font-size: 10px;" color="#007fff">configurer是过滤器的配置类</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
<mxGeometry x="2220" y="1200" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-222" value="里面定义了3个开关,<br>分别对应3种方法安全配置规范" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="440" y="2184" width="150" height="30" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-272" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=0;exitDx=0;exitDy=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;endArrow=block;endFill=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-223" target="KUAb-_XNP9Eb_uavuq1S-270" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-281" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0;exitY=0.5;exitDx=0;exitDy=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;fontSize=10;fontColor=#007FFF;endArrow=diamondThin;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-223" target="KUAb-_XNP9Eb_uavuq1S-188" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="qwSPwGrAE5PhXKtDNLOx-28" value="<font style="font-size: 9px;">sharedObjects</font>" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="KUAb-_XNP9Eb_uavuq1S-281" vertex="1" connectable="0">
<mxGeometry x="-0.0657" y="2" relative="1" as="geometry">
<mxPoint x="-10" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-223" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center"><i><b>HttpSecurity</b></i><br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><font color="#007fff"><b>其实就是用于创建一条Http过滤器链的Builder</b></font></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff"><br></font></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//请求路径匹配规则的配置器</font></p><p style="margin: 0px ; margin-left: 4px">private final RequestMatcherConfigurer <b>requestMatcherConfigurer</b>;</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//一组过滤器</font></p><p style="margin: 0px ; margin-left: 4px">private List&lt;Filter&gt; <b>filters</b> = new ArrayList&lt;&gt;();</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">// 请求路径匹配器,决定哪些请求会走此HttpSecurity创建的过滤器链</font></p><p style="margin: 0px ; margin-left: 4px">private RequestMatcher <b>requestMatcher</b> = AnyRequestMatcher.INSTANCE;</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">// Filter 排序用的</font></p><p style="margin: 0px ; margin-left: 4px">private FilterComparator <b>comparator</b> = new FilterComparator();</p><p style="margin: 0px ; margin-left: 4px"><br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><br></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="-1060" y="1080" width="420" height="240" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-227" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-225" target="KUAb-_XNP9Eb_uavuq1S-213" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-235" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-225" target="KUAb-_XNP9Eb_uavuq1S-234" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-225" value="<font style="font-size: 8px"><div><span style="background-color: initial;">AuthenticationManager </span><b style="background-color: initial;">authenticationManager</b><span style="background-color: initial;"> = </span><b style="background-color: initial;">authenticationManager</b><span style="background-color: initial;">();</span><br></div><div>authenticationBuilder.parentAuthenticationManager(<b>authenticationManager</b>);</div><div><span style="background-color: initial;">Map&lt;Class&lt;? extends Object&gt;, Object&gt; </span><b style="background-color: initial;">sharedObjects</b><span style="background-color: initial;"> = createSharedObjects();</span><br></div></font>" style="rounded=1;whiteSpace=wrap;html=1;align=left;fillColor=#dae8fc;strokeColor=#6c8ebf;" parent="1" vertex="1">
<mxGeometry x="2260" y="541" width="300" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-231" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=9;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-228" target="KUAb-_XNP9Eb_uavuq1S-230" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="9H62B6xVDZifgV9hTqks-9" style="rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.513;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-228" target="9H62B6xVDZifgV9hTqks-8" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="9H62B6xVDZifgV9hTqks-13" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-228" target="9H62B6xVDZifgV9hTqks-12" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-228" value="<font style=""><div style="font-size: 9px;">&nbsp; &nbsp; http</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .csrf().and()</div><div style=""><span style="font-size: 9px; white-space: pre;">	</span><font style="font-size: 8px;" color="#007fff">//只有这个是直接添加的,其他的都是注册的过滤器配置类</font><br></div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .<b>addFilter</b>(new WebAsyncManagerIntegrationFilter())</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .exceptionHandling().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .headers().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .sessionManagement().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .securityContext().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .requestCache().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .anonymous().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .servletApi().and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .apply(new DefaultLoginPageConfigurer&lt;&gt;()).and()</div><div style="font-size: 9px;">&nbsp; &nbsp; &nbsp; &nbsp; .logout();</div><div style="font-size: 9px;"><font color="#007fff">默认添加了一些基本的安全过滤器配置,这里解释了为何后面过滤器链中为何多了那么多Filter</font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;align=left;arcSize=4;" parent="1" vertex="1">
<mxGeometry x="2290" y="701" width="240" height="160" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-233" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-230" target="KUAb-_XNP9Eb_uavuq1S-232" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="9H62B6xVDZifgV9hTqks-10" style="rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.5;entryY=1.067;entryDx=0;entryDy=0;entryPerimeter=0;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-230" target="9H62B6xVDZifgV9hTqks-8" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-230" value="<font style="font-size: 10px"><span>for defaultHttpConfigurers:<br></span>http.apply(configurer);<br><font color="#007fff">Spring SPI 加载&nbsp;<b>AbstractHttpConfigurer</b>,并应用配置,TODO</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=8;" parent="1" vertex="1">
<mxGeometry x="2290" y="881" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="9H62B6xVDZifgV9hTqks-11" style="rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0.5;entryY=1.2;entryDx=0;entryDy=0;entryPerimeter=0;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-232" target="9H62B6xVDZifgV9hTqks-8" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-232" value="<font><span style="font-size: 10px"><b>configure</b>(http);<br></span><font color="#007fff">调用自定义的HttpSecurity配置</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=8;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2290" y="961" width="240" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-267" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;dashed=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-234" target="KUAb-_XNP9Eb_uavuq1S-266" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-234" value="<font style="font-size: 10px"><font style="font-size: 10px"><b>configure</b>(localConfigureAuthenticationBldr)<br></font><font style="font-size: 10px" color="#007fff">自定义的认证管理器builder配置,默认<br></font><font color="#007fff"><b>DefaultPasswordEncoderAuthenticationManagerBuilder<br></b>在 setApplicationContext()时创建</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="2600" y="541" width="280" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-48" value="自动配置阶段做的事情还挺多的,<br>这一步不需要看那么细,可以先看后面<br>请求拦截主流程,需要详细看某个Bean<br>到底是怎么配置以及怎么被调用到的<br>再回来找" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontSize=10;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="130" y="870" width="190" height="70" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-252" value="在 <b>SecurityAutoConfiguration</b> 之后执行" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=8;fontColor=#007FFF;" parent="1" vertex="1">
<mxGeometry x="240" y="1380" width="160" height="30" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-256" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;exitX=1;exitY=0;exitDx=0;exitDy=0;entryX=0;entryY=0.75;entryDx=0;entryDy=0;fontSize=8;fontColor=#007FFF;dashed=1;fillColor=#d5e8d4;strokeColor=#82b366;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-254" target="mgh684Ju6QphpoWxp4na-53" edge="1">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="600" y="1290" />
<mxPoint x="950" y="1290" />
<mxPoint x="950" y="1110" />
<mxPoint x="1160" y="1110" />
<mxPoint x="1160" y="1085" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-260" value="<font style="font-size: 10px;">@ConditionalOnBean(name = DEFAULT_FILTER_NAME)</font>" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=8;fontColor=#007FFF;" parent="KUAb-_XNP9Eb_uavuq1S-256" vertex="1" connectable="0">
<mxGeometry x="-0.9176" y="1" relative="1" as="geometry">
<mxPoint x="126" y="-9" as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-259" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=8;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-254" target="KUAb-_XNP9Eb_uavuq1S-258" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-254" value="<font style="font-size: 8px"><span>@Bean</span><br><div><span>&nbsp;DelegatingFilterProxyRegistrationBean securityFilterChainRegistration()<br></span><font color="#007fff">依赖springSecurityFilterChain</font></div></font>" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">
<mxGeometry x="440" y="1320" width="160" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-258" value="<div style="font-size: 10px;"><font style="font-size: 10px;">DelegatingFilterProxyRegistrationBean registration&nbsp;</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">&nbsp; &nbsp; = new <b>DelegatingFilterProxyRegistrationBean</b>(</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">DEFAULT_FILTER_NAME);</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">registration.setOrder(securityProperties.getFilter().<b>getOrder</b>());</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">registration.<b>setDispatcherTypes</b>(</font></div><div style="font-size: 10px;"><font style="font-size: 10px;">getDispatcherTypes(securityProperties));</font></div><div style="font-size: 10px;"><font style="font-size: 10px;" color="#007fff">TOOD: 深入了解下这个 RegistrationBean 是怎么将自定义Filter注册到 Tomcat中的?</font></div>" style="rounded=1;whiteSpace=wrap;html=1;align=left;fillColor=#fff2cc;strokeColor=#d6b656;arcSize=8;" parent="1" vertex="1">
<mxGeometry x="640" y="1300" width="280" height="100" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-261" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center">SecurityProperties<br></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//yaml 或 propeties 中的配置项</font></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff"><br></font></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//指定 Security Filter 作用的资源访问类型(默认request)<br></font></p><font color="#007fff"><span style="white-space: pre">	</span>包括 request,async,error,forward,include</font><p style="margin: 0px ; margin-left: 4px">spring.security.filter.dispatcher-types<br></p><p style="margin: 0px ; margin-left: 4px">spring.security.filter.order<br></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//配置默认用户名、密码、角色</font></p><p style="margin: 0px ; margin-left: 4px">spring.security.user.name</p><p style="margin: 0px ; margin-left: 4px">spring.security.user.password<br></p><p style="margin: 0px ; margin-left: 4px">spring.security.user.roles</p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;" parent="1" vertex="1">
<mxGeometry x="-1040" y="240" width="320" height="180" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-262" value="<font style="font-size: 9px;"><div style="text-align: left"><div>auth.</div><div><font color="#007fff">&nbsp; &nbsp; // 使用内存中的 InMemoryUserDetailsManager</font></div><div>&nbsp; &nbsp; inMemoryAuthentication()</div><div><font color="#007fff">&nbsp; &nbsp; <span style="white-space: pre;">	</span>// 不使用 PasswordEncoder 密码编码器</font></div><div>&nbsp; &nbsp; <span style="white-space: pre;">	</span>.passwordEncoder(NoOpPasswordEncoder.getInstance())</div><div><font color="#007fff">&nbsp; &nbsp; <span style="white-space: pre;">	</span>// 配置 admin 用户</font></div><div>&nbsp; &nbsp; <span style="white-space: pre;">	</span>.withUser("admin").password("admin").roles("ADMIN")</div><div>&nbsp; &nbsp; <span style="white-space: pre;">	</span><font color="#007fff">// 配置 normal 用户</font></div><div>&nbsp; &nbsp; <span style="white-space: pre;">	</span>.and().withUser("normal").password("normal").roles("NORMAL");<br><font style="font-size: 9px;" color="#007fff">AuthenticationManagerBuilder 自定义配置</font></div></div></font>" style="rounded=1;whiteSpace=wrap;html=1;arcSize=3;" parent="1" vertex="1">
<mxGeometry x="840" y="2060" width="320" height="120" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-269" value="" style="edgeStyle=orthogonalEdgeStyle;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=10;fontColor=#007FFF;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-266" target="KUAb-_XNP9Eb_uavuq1S-268" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-296" value="" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=11;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-266" target="KUAb-_XNP9Eb_uavuq1S-295" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-266" value="<font><span style="font-size: 10px">auth.inMemoryAuthentication()</span><br><span style="font-size: 10px"><font color="#007fff">返回InMemoryUserDetailsManagerConfigurer,这个配置类对象</font></span><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;" parent="1" vertex="1">
<mxGeometry x="2920" y="541" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-294" value="" style="edgeStyle=none;rounded=1;orthogonalLoop=1;jettySize=auto;html=1;fontSize=11;fontColor=#007FFF;endArrow=classic;endFill=1;" parent="1" source="KUAb-_XNP9Eb_uavuq1S-268" target="KUAb-_XNP9Eb_uavuq1S-293" edge="1">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-268" value="<font><font style="font-size: 9px">apply(new <b>InMemoryUserDetailsManagerConfigurer</b>&lt;&gt;())</font><br></font>" style="rounded=1;whiteSpace=wrap;html=1;align=center;" parent="1" vertex="1">
<mxGeometry x="3160" y="541" width="200" height="60" as="geometry" />
</mxCell>
<mxCell id="KUAb-_XNP9Eb_uavuq1S-270" value="<p style="margin: 0px ; margin-top: 4px ; text-align: center"><b>AbstractConfiguredSecurityBuilder&nbsp;&nbsp;</b><span style="background-color: initial;"><i>SecurityBuilder 的组合</i></span></p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><span style="color: rgb(0 , 127 , 255)">//对于HttpSecurity是用于创建各种 <b>Filter</b> 的<b>一组配置器,</b>对于WebSecurity是创建<b>过滤器链</b>的<b>一组配置器</b></span><br></p><p style="margin: 0px ; margin-left: 4px">private final LinkedHashMap&lt;Class&lt;? extends SecurityConfigurer&lt;O, B&gt;&gt;, List&lt;SecurityConfigurer&lt;O, B&gt;&gt;&gt; <b>configurers</b>&nbsp;</p><p style="margin: 0px ; margin-left: 4px">&nbsp; &nbsp; = new <b>LinkedHashMap</b>&lt;Class&lt;? extends SecurityConfigurer&lt;O, B&gt;&gt;, List&lt;SecurityConfigurer&lt;O, B&gt;&gt;&gt;();</p><p style="margin: 0px ; margin-left: 4px">private final List&lt;SecurityConfigurer&lt;O, B&gt;&gt; <b>configurersAddedInInitializing</b> = new ArrayList&lt;SecurityConfigurer&lt;O, B&gt;&gt;();</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//多个 SecurityConfigurer 共享的对象集合,比如HttpSecurity通过此集合 组合AuthenticationManagerBuilder对象</font></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//配置时多通过 objectPostProcessor 传给组件</font></p><p style="margin: 0px ; margin-left: 4px">private final Map&lt;Class&lt;? extends Object&gt;, Object&gt; <b>sharedObjects</b> = new HashMap&lt;Class&lt;? extends Object&gt;, Object&gt;();</p><p style="margin: 0px ; margin-left: 4px">private final boolean allowConfigurersOfSameType;</p><p style="margin: 0px ; margin-left: 4px">private BuildState buildState = BuildState.UNBUILT;</p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//</font></p><p style="margin: 0px ; margin-left: 4px">private ObjectPostProcessor&lt;Object&gt; <b>objectPostProcessor</b>;</p><p style="margin: 0px ; margin-left: 4px"><br></p><p style="margin: 0px ; margin-left: 4px"><font color="#007fff">//继承自 AbstractSecurityBuilder</font></p><p style="margin: 0px ; margin-left: 4px">private AtomicBoolean building = new AtomicBoolean();</p><p style="margin: 0px ; margin-left: 4px">private O object;</p><hr size="1"><p style="margin: 0px ; margin-left: 4px"><br></p>" style="verticalAlign=top;align=left;overflow=fill;fontSize=12;fontFamily=Helvetica;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" parent="1" vertex="1">