（五）、spring boot security SecurityProperties 配置说明

版权声明：本文为博主原创文章，转载请附上博文链接，谢谢！ https://blog.csdn.net/qq_30062125/article/details/86062938

---

Spring Security文章目录

---

类路径：org.springframework.boot.autoconfigure.security.SecurityProperties

配置：

{

"name": "security.basic.authorize-mode",

"type": "org.springframework.boot.autoconfigure.security.SecurityAuthorizeMode",

"description": "Security authorize mode to apply.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",

"defaultValue": "role"

},

{

"name": "security.basic.enabled",

"type": "java.lang.Boolean",

"description": "Enable basic authentication.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",

"defaultValue": true

},

{

"name": "security.basic.path",

"type": "java.lang.String[]",

"description": "Comma-separated list of paths to secure.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",

"defaultValue": ["/**"]

},

{

"name": "security.basic.realm",

"type": "java.lang.String",

"description": "HTTP basic realm name.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Basic",

"defaultValue": "Spring"

},

{

"name": "security.enable-csrf",

"type": "java.lang.Boolean",

"description": "Enable Cross Site Request Forgery support.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",

"defaultValue": false

},

{

"name": "security.filter-dispatcher-types",

"type": "java.util.Set<java.lang.String>",

"description": "Security filter chain dispatcher types.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties"

},

{

"name": "security.filter-order",

"type": "java.lang.Integer",

"description": "Security filter chain order.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",

"defaultValue": 0

},

{

"name": "security.headers.cache",

"type": "java.lang.Boolean",

"description": "Enable cache control HTTP headers.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",

"defaultValue": true

},

{

"name": "security.headers.content-security-policy",

"type": "java.lang.String",

"description": "Value for content security policy header.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers"

},

{

"name": "security.headers.content-security-policy-mode",

"type": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers$ContentSecurityPolicyMode",

"description": "Content security policy mode.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",

"defaultValue": "default"

},

{

"name": "security.headers.content-type",

"type": "java.lang.Boolean",

"description": "Enable \"X-Content-Type-Options\" header.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",

"defaultValue": true

},

{

"name": "security.headers.frame",

"type": "java.lang.Boolean",

"description": "Enable \"X-Frame-Options\" header.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",

"defaultValue": true

},

{

"name": "security.headers.hsts",

"type": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers$HSTS",

"description": "HTTP Strict Transport Security (HSTS) mode (none, domain, all).",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",

"defaultValue": "all"

},

{

"name": "security.headers.xss",

"type": "java.lang.Boolean",

"description": "Enable cross site scripting (XSS) protection.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$Headers",

"defaultValue": true

},

{

"name": "security.ignored",

"type": "java.util.List<java.lang.String>",

"description": "Comma-separated list of paths to exclude from the default secured paths.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties"

},

{

"name": "security.oauth2.authorization.check-token-access",

"type": "java.lang.String",

"description": "Spring Security access rule for the check token endpoint (e.g. a SpEL expression\n like \"isAuthenticated()\") . Default is empty, which is interpreted as \"denyAll()\"\n (no access).",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.authserver.AuthorizationServerProperties"

},

{

"name": "security.oauth2.authorization.realm",

"type": "java.lang.String",

"description": "Realm name for client authentication. If an unauthenticated request comes in to the\n token endpoint, it will respond with a challenge including this name.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.authserver.AuthorizationServerProperties"

},

{

"name": "security.oauth2.authorization.token-key-access",

"type": "java.lang.String",

"description": "Spring Security access rule for the token key endpoint (e.g. a SpEL expression like\n \"isAuthenticated()\"). Default is empty, which is interpreted as \"denyAll()\" (no\n access).",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.authserver.AuthorizationServerProperties"

},

{

"name": "security.oauth2.client.access-token-uri",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.access-token-uri",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.access-token-validity-seconds",

"type": "java.lang.Integer",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.additional-information",

"type": "java.util.Map<java.lang.String,java.lang.Object>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.authentication-scheme",

"type": "org.springframework.security.oauth2.common.AuthenticationScheme",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.authentication-scheme",

"type": "org.springframework.security.oauth2.common.AuthenticationScheme",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.authorities",

"type": "java.util.Collection<org.springframework.security.core.GrantedAuthority>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.authorized-grant-types",

"type": "java.util.Set<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.auto-approve-scopes",

"type": "java.util.Set<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.client-authentication-scheme",

"type": "org.springframework.security.oauth2.common.AuthenticationScheme",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.client-authentication-scheme",

"type": "org.springframework.security.oauth2.common.AuthenticationScheme",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.client-id",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.client-id",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.client-id",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.client-id",

"type": "java.lang.String",

"description": "OAuth2 client id.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties"

},

{

"name": "security.oauth2.client.client-secret",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.client-secret",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.client-secret",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.client-secret",

"type": "java.lang.String",

"description": "OAuth2 client secret. A random secret is generated by default.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties"

},

{

"name": "security.oauth2.client.grant-type",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.grant-type",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.id",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.id",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.pre-established-redirect-uri",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.refresh-token-validity-seconds",

"type": "java.lang.Integer",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.registered-redirect-uri",

"type": "java.util.Set<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.resource-ids",

"type": "java.util.Set<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.scope",

"type": "java.util.Set<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.provider.client.BaseClientDetails"

},

{

"name": "security.oauth2.client.scope",

"type": "java.util.List<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.scope",

"type": "java.util.List<java.lang.String>",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.token-name",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.token-name",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails"

},

{

"name": "security.oauth2.client.use-current-uri",

"type": "java.lang.Boolean",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.client.user-authorization-uri",

"type": "java.lang.String",

"sourceType": "org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails"

},

{

"name": "security.oauth2.resource.filter-order",

"type": "java.lang.Integer",

"description": "The order of the filter chain used to authenticate tokens. Default puts it after\n the actuator endpoints and before the default HTTP basic filter chain (catchall).",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties",

"defaultValue": 0

},

{

"name": "security.oauth2.resource.id",

"type": "java.lang.String",

"description": "Identifier of the resource.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"

},

{

"name": "security.oauth2.resource.jwk.key-set-uri",

"type": "java.lang.String",

"description": "The URI to get verification keys to verify the JWT token. This can be set when\n the authorization server returns a set of verification keys.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties$Jwk"

},

{

"name": "security.oauth2.resource.jwt.key-uri",

"type": "java.lang.String",

"description": "The URI of the JWT token. Can be set if the value is not available and the key\n is public.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties$Jwt"

},

{

"name": "security.oauth2.resource.jwt.key-value",

"type": "java.lang.String",

"description": "The verification key of the JWT token. Can either be a symmetric secret or\n PEM-encoded RSA public key. If the value is not available, you can set the URI\n instead.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties$Jwt"

},

{

"name": "security.oauth2.resource.prefer-token-info",

"type": "java.lang.Boolean",

"description": "Use the token info, can be set to false to use the user info.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties",

"defaultValue": true

},

{

"name": "security.oauth2.resource.service-id",

"type": "java.lang.String",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties",

"defaultValue": "resource"

},

{

"name": "security.oauth2.resource.token-info-uri",

"type": "java.lang.String",

"description": "URI of the token decoding endpoint.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"

},

{

"name": "security.oauth2.resource.token-type",

"type": "java.lang.String",

"description": "The token type to send when using the userInfoUri.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"

},

{

"name": "security.oauth2.resource.user-info-uri",

"type": "java.lang.String",

"description": "URI of the user endpoint.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties"

},

{

"name": "security.oauth2.sso.filter-order",

"type": "java.lang.Integer",

"description": "Filter order to apply if not providing an explicit WebSecurityConfigurerAdapter (in\n which case the order can be provided there instead).",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties"

},

{

"name": "security.oauth2.sso.login-path",

"type": "java.lang.String",

"description": "Path to the login page, i.e. the one that triggers the redirect to the OAuth2\n Authorization Server.",

"sourceType": "org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties",

"defaultValue": "/login"

},

{

"name": "security.require-ssl",

"type": "java.lang.Boolean",

"description": "Enable secure channel for all requests.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",

"defaultValue": false

},

{

"name": "security.sessions",

"type": "org.springframework.security.config.http.SessionCreationPolicy",

"description": "Session creation policy (always, never, if_required, stateless).",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties",

"defaultValue": "stateless"

},

{

"name": "security.user.name",

"type": "java.lang.String",

"description": "Default user name.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$User",

"defaultValue": "user"

},

{

"name": "security.user.password",

"type": "java.lang.String",

"description": "Password for the default user name.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$User"

},

{

"name": "security.user.role",

"type": "java.util.List<java.lang.String>",

"description": "Granted roles for the default user name.",

"sourceType": "org.springframework.boot.autoconfigure.security.SecurityProperties$User"

},