Spring Boot Security預設的使用者名稱為user,密碼則是系統啟動時印在console的UUID,例如
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.1.8.RELEASE)
2019-09-30 15:28:17.928 INFO 9240 --- [ main] c.a.demo.SpringSecurityDemoApplication : Starting SpringSecurityDemoApplication on matt-PC with PID 9240 (D:\MyProject\workspace\spring-security-demo\bin\main started by matt in D:\MyProject\workspace\spring-security-demo)
2019-09-30 15:28:17.934 INFO 9240 --- [ main] c.a.demo.SpringSecurityDemoApplication : No active profile set, falling back to default profiles: default
2019-09-30 15:28:19.956 INFO 9240 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
2019-09-30 15:28:20.008 INFO 9240 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2019-09-30 15:28:20.008 INFO 9240 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.24]
2019-09-30 15:28:20.163 INFO 9240 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/demo] : Initializing Spring embedded WebApplicationContext
2019-09-30 15:28:20.164 INFO 9240 --- [ main] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 2143 ms
2019-09-30 15:28:20.563 INFO 9240 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
2019-09-30 15:28:21.031 INFO 9240 --- [ main] .s.s.UserDetailsServiceAutoConfiguration :
Using generated security password: 4925b629-d788-418b-90db-fb3877ba8706
2019-09-30 15:28:21.178 INFO 9240 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@562c877a, org.springframework.security.web.context.SecurityContextPersistenceFilter@57fae983, org.springframework.security.web.header.HeaderWriterFilter@982bb90, org.springframework.security.web.csrf.CsrfFilter@2cfbeac4, org.springframework.security.web.authentication.logout.LogoutFilter@1763992e, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@58cec85b, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@48c4245d, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@67001148, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@3adbe50f, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@4bee18dc, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@5ee34b1b, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@989da1, org.springframework.security.web.session.SessionManagementFilter@7bef452c, org.springframework.security.web.access.ExceptionTranslationFilter@76954a33, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@4a9486c0]
2019-09-30 15:28:21.281 INFO 9240 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path '/demo'
2019-09-30 15:28:21.285 INFO 9240 --- [ main] c.a.demo.SpringSecurityDemoApplication : Started SpringSecurityDemoApplication in 3.948 seconds (JVM running for 4.448)
由於Spring Boot Security預設使用
SecurityAutoConfiguration及UserDetailsServiceAutoConfiguration配置。
而在UserDetailsServiceAutoConfiguration.inMemoryUserDetailsManager()中會用InMemoryUserDetailsManager設定一個in-memory(存在記憶體內的)使用者。
此預設使用者資訊來自於SecurityProperties.User,
預設的使用者名稱name = "user",
預設的使用者密碼password = UUID.randomUUID().toString()。
節錄SecurityProperties.User原始碼如下:
SecurityProperties
package org.springframework.boot.autoconfigure.security;
import ...
@ConfigurationProperties(prefix = "spring.security")
public class SecurityProperties {
...
public static class User {
/**
* Default user name.
*/
private String name = "user";
/**
* Password for the default user name.
*/
private String password = UUID.randomUUID().toString();
...
}
}
如果要修改預設產生的帳號密碼,可在application.properties設定以下參數。
application.properties
# login username
spring.security.user.name=john
# login password
spring.security.user.password=12345
參考:
沒有留言:
張貼留言