
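Spring Security default parameter configuration

Spring Security built-in properties

The built-in configuration properties that Spring Boot provides are prefixed with `security`. The individual properties are as follows: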

# SECURITY (in the SecurityProperties class)
security.basic.authorize-mode=role      # Authorization mode to apply: ROLE = must be a member of a secure role, AUTHENTICATED = any authenticated user, NONE = no security authorization is set up
security.basic.enabled=true             # Enable basic authentication
security.basic.path=/**                 # Paths to secure, comma-separated
security.basic.realm=Spring             # HTTP basic realm
security.enable-csrf=false              # Enable CSRF support
security.filter-order=0                 # Filter execution order
security.filter-dispatcher-types=ASYNC, FORWARD, INCLUDE, REQUEST # Dispatcher types for the security filter chain
security.headers.cache=true             # Enable cache-control HTTP headers.
security.headers.content-type=true      # Enable the "X-Content-Type-Options" header.
security.headers.frame=true             # Enable the "X-Frame-Options" header.
security.headers.hsts=                  # HTTP Strict Transport Security (HSTS) mode (none, domain, all).
security.headers.xss=true               # Enable cross-site scripting (XSS) protection.
security.ignored=                       # Paths to exclude from the default secured paths, comma-separated
security.require-ssl=false              # Require SSL for all requests
security.sessions=stateless             # Session creation policy (always, never, if_required, stateless).
security.user.name=user                 # Default user name
security.user.password=                 # Password for the default user
security.user.role=USER                 # Default user role

# SECURITY OAUTH2 CLIENT (in the OAuth2ClientProperties class)
security.oauth2.client.client-id=       # OAuth2 client id.
security.oauth2.client.client-secret=   # OAuth2 client secret. A random secret is generated by default

# SECURITY OAUTH2 RESOURCES (in the ResourceServerProperties class)
security.oauth2.resource.id=                    # Identifier of the resource.
security.oauth2.resource.jwt.key-uri=           # The URI of the JWT token. Can be set if the value is not available and the key is public.
security.oauth2.resource.jwt.key-value=         # The verification key of the JWT token. Can either be a symmetric secret or PEM-encoded RSA public key.
security.oauth2.resource.prefer-token-info=true # Use the token info, can be set to false to use the user info.
security.oauth2.resource.service-id=resource    #
security.oauth2.resource.token-info-uri=        # URI of the token decoding endpoint.
security.oauth2.resource.token-type=            # The token type to send when using the userInfoUri.
security.oauth2.resource.user-info-uri=         # URI of the user endpoint.

# SECURITY OAUTH2 SSO (in the OAuth2SsoProperties class)
security.oauth2.sso.filter-order=       # Filter order to apply if not providing an explicit WebSecurityConfigurerAdapter
security.oauth2.sso.login-path=/login   # Path to the login page, i.e. the one that triggers the redirect to the OAuth2 Authorization Server

 

The above is the official list of configuration properties and their default values.
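
The following is an added example, not code from the original page or from Spring Boot: a small audit script that reads an `application.properties` file and reports which of the `security.*` keys listed above end up with a value worth reviewing, falling back to the defaults shown on this page when a key is absent. The names `RULES`, `parse_properties`, `audit` and `SAMPLE`, and the review policy itself, are assumptions made for illustration.

```python
import re

# key: (default listed on this page, predicate marking a risky value, finding).
# The predicates are an assumed review policy, not part of Spring Boot.
off = lambda v: v == "false"
RULES = {
    "security.basic.enabled": ("true", off, "basic authentication disabled"),
    "security.basic.authorize-mode": ("role", lambda v: v == "none", "no authorization applied"),
    "security.enable-csrf": ("false", off, "CSRF support off"),
    "security.require-ssl": ("false", off, "SSL not required"),
    "security.headers.hsts": ("", lambda v: v in ("", "none"), "HSTS not set"),
    "security.headers.frame": ("true", off, "X-Frame-Options header off"),
    "security.headers.content-type": ("true", off, "X-Content-Type-Options header off"),
    "security.headers.xss": ("true", off, "XSS protection header off"),
    "security.ignored": ("", lambda v: "/**" in re.split(r"\s*,\s*", v), "all paths ignored"),
    "security.user.password": ("", lambda v: v != "", "plain-text password in file"),
}

def parse_properties(text):
    """Parse key=value or key:value lines; lines starting with # or ! are comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and line[0] not in "#!":
            m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
            if m:  # skip malformed lines that have no key
                props[m.group(1)] = m.group(2)
    return props

def audit(text):
    """Return (key, finding, source) per risky effective value; values are never echoed."""
    props = parse_properties(text)
    findings = []
    for key, (default, risky, finding) in RULES.items():
        value = props.get(key, default).strip().lower()
        if risky(value):
            findings.append((key, finding, "explicit" if key in props else "default"))
    return findings

# Constructed sample input, not taken from a real application.
SAMPLE = """\
security.basic.authorize-mode=NONE
security.enable-csrf=true
security.headers.hsts=all
security.ignored=/css/**, /**
security.user.password=changeme
"""

if __name__ == "__main__":
    for key, finding, source in audit(SAMPLE):
        print(f"{key}: {finding} ({source})")
```

Because the audit works on effective values, a file that sets none of these keys is still reported for the defaults listed above (`security.enable-csrf=false`, `security.require-ssl=false`, empty `security.headers.hsts`).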