Spring Security文章目录
类路径:org.springframework.boot.autoconfigure.security.SecurityProperties
配置:
{
"name": "security.basic.authorize-mode",
"type": "org.springframework.boot.autoconfigure.security.SecurityAuthorizeMode",
"description": "Security authorize mode to apply.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",
"defaultValue": "role"
},
{
"name": "security.basic.enabled",
"type": "java.lang.Boolean",
"description": "Enable basic authentication.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",
"defaultValue": true
},
{
"name": "security.basic.path",
"type": "java.lang.String[]",
"description": "Comma-separated list of paths to secure.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",
"defaultValue": ["/**"]
},
{
"name": "security.basic.realm",
"type": "java.lang.String",
"description": "HTTP basic realm name.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",
"defaultValue": "Spring"
},
{
"name": "security.enable-csrf",
"type": "java.lang.Boolean",
"description": "Enable Cross Site Request Forgery support.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",
"defaultValue": false
},
{
"name": "security.filter-dispatcher-types",
"type": "java.util.Set<java.lang.String>",
"description": "Security filter chain dispatcher types.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties"
},
{
"name": "security.filter-order",
"type": "java.lang.Integer",
"description": "Security filter chain order.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",
"defaultValue": 0
},
{
"name": "security.headers.cache",
"type": "java.lang.Boolean",
"description": "Enable cache control HTTP headers.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",
"defaultValue": true
},
{
"name": "security.headers.content-security-policy",
"type": "java.lang.String",
"description": "Value for content security policy header.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers"
},
{
"name": "security.headers.content-security-policy-mode",
"type": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers$ContentSecurityPolicyMode",
"description": "Content security policy mode.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",
"defaultValue": "default"
},
{
"name": "security.headers.content-type",
"type": "java.lang.Boolean",
"description": "Enable \"X-Content-Type-Options\" header.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",
"defaultValue": true
},
{
"name": "security.headers.frame",
"type": "java.lang.Boolean",
"description": "Enable \"X-Frame-Options\" header.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",
"defaultValue": true
},
{
"name": "security.headers.hsts",
"type": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers$HSTS",
"description": "HTTP Strict Transport Security (HSTS) mode (none, domain, all).",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",
"defaultValue": "all"
},
{
"name": "security.headers.xss",
"type": "java.lang.Boolean",
"description": "Enable cross site scripting (XSS) protection.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",
"defaultValue": true
},
{
"name": "security.ignored",
"type": "java.util.List<java.lang.String>",
"description": "Comma-separated list of paths to exclude from the default secured paths.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties"
},
{
"name": "security.oauth2.authorization.check-token-access",
"type": "java.lang.String",
"description": "Spring Security access rule for the check token endpoint (e.g. a SpEL expression\n like \"isAuthenticated()\") . Default is empty, which is interpreted as \"denyAll()\"\n (no access).",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.authserver.AuthorizationServerProperties"
},
{
"name": "security.oauth2.authorization.realm",
"type": "java.lang.String",
"description": "Realm name for client authentication. If an unauthenticated request comes in to the\n token endpoint, it will respond with a challenge including this name.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.authserver.AuthorizationServerProperties"
},
{
"name": "security.oauth2.authorization.token-key-access",
"type": "java.lang.String",
"description": "Spring Security access rule for the token key endpoint (e.g. a SpEL expression like\n \"isAuthenticated()\"). Default is empty, which is interpreted as \"denyAll()\" (no\n access).",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.authserver.AuthorizationServerProperties"
},
{
"name": "security.oauth2.client.access-token-uri",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.access-token-uri",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.access-token-validity-seconds",
"type": "java.lang.Integer",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.additional-information",
"type": "java.util.Map<java.lang.String,java.lang.Object>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.authentication-scheme",
"type": "org.springframework.security.oauth2.common.AuthenticationScheme",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.authentication-scheme",
"type": "org.springframework.security.oauth2.common.AuthenticationScheme",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.authorities",
"type": "java.util.Collection<org.springframework.security.core.GrantedAuthority>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.authorized-grant-types",
"type": "java.util.Set<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.auto-approve-scopes",
"type": "java.util.Set<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.client-authentication-scheme",
"type": "org.springframework.security.oauth2.common.AuthenticationScheme",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.client-authentication-scheme",
"type": "org.springframework.security.oauth2.common.AuthenticationScheme",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.client-id",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.client-id",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.client-id",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.client-id",
"type": "java.lang.String",
"description": "OAuth2 client id.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties"
},
{
"name": "security.oauth2.client.client-secret",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.client-secret",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.client-secret",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.client-secret",
"type": "java.lang.String",
"description": "OAuth2 client secret. A random secret is generated by default.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties"
},
{
"name": "security.oauth2.client.grant-type",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.grant-type",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.id",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.id",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.pre-established-redirect-uri",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.refresh-token-validity-seconds",
"type": "java.lang.Integer",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.registered-redirect-uri",
"type": "java.util.Set<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.resource-ids",
"type": "java.util.Set<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.scope",
"type": "java.util.Set<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"
},
{
"name": "security.oauth2.client.scope",
"type": "java.util.List<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.scope",
"type": "java.util.List<java.lang.String>",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.token-name",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.token-name",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"
},
{
"name": "security.oauth2.client.use-current-uri",
"type": "java.lang.Boolean",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.client.user-authorization-uri",
"type": "java.lang.String",
"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"
},
{
"name": "security.oauth2.resource.filter-order",
"type": "java.lang.Integer",
"description": "The order of the filter chain used to authenticate tokens. Default puts it after\n the actuator endpoints and before the default HTTP basic filter chain (catchall).",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties",
"defaultValue": 0
},
{
"name": "security.oauth2.resource.id",
"type": "java.lang.String",
"description": "Identifier of the resource.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"
},
{
"name": "security.oauth2.resource.jwk.key-set-uri",
"type": "java.lang.String",
"description": "The URI to get verification keys to verify the JWT token. This can be set when\n the authorization server returns a set of verification keys.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties$Jwk"
},
{
"name": "security.oauth2.resource.jwt.key-uri",
"type": "java.lang.String",
"description": "The URI of the JWT token. Can be set if the value is not available and the key\n is public.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties$Jwt"
},
{
"name": "security.oauth2.resource.jwt.key-value",
"type": "java.lang.String",
"description": "The verification key of the JWT token. Can either be a symmetric secret or\n PEM-encoded RSA public key. If the value is not available, you can set the URI\n instead.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties$Jwt"
},
{
"name": "security.oauth2.resource.prefer-token-info",
"type": "java.lang.Boolean",
"description": "Use the token info, can be set to false to use the user info.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties",
"defaultValue": true
},
{
"name": "security.oauth2.resource.service-id",
"type": "java.lang.String",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties",
"defaultValue": "resource"
},
{
"name": "security.oauth2.resource.token-info-uri",
"type": "java.lang.String",
"description": "URI of the token decoding endpoint.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"
},
{
"name": "security.oauth2.resource.token-type",
"type": "java.lang.String",
"description": "The token type to send when using the userInfoUri.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"
},
{
"name": "security.oauth2.resource.user-info-uri",
"type": "java.lang.String",
"description": "URI of the user endpoint.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"
},
{
"name": "security.oauth2.sso.filter-order",
"type": "java.lang.Integer",
"description": "Filter order to apply if not providing an explicit WebSecurityConfigurerAdapter (in\n which case the order can be provided there instead).",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties"
},
{
"name": "security.oauth2.sso.login-path",
"type": "java.lang.String",
"description": "Path to the login page, i.e. the one that triggers the redirect to the OAuth2\n Authorization Server.",
"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties",
"defaultValue": "/login"
},
{
"name": "security.require-ssl",
"type": "java.lang.Boolean",
"description": "Enable secure channel for all requests.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",
"defaultValue": false
},
{
"name": "security.sessions",
"type": "org.springframework.security.config.http.SessionCreationPolicy",
"description": "Session creation policy (always, never, if_required, stateless).",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",
"defaultValue": "stateless"
},
{
"name": "security.user.name",
"type": "java.lang.String",
"description": "Default user name.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$User",
"defaultValue": "user"
},
{
"name": "security.user.password",
"type": "java.lang.String",
"description": "Password for the default user name.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$User"
},
{
"name": "security.user.role",
"type": "java.util.List<java.lang.String>",
"description": "Granted roles for the default user name.",
"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$User"
},