zoukankan      html  css  js  c++  java

  • SpringSecurity + SpringBoot2.x +redis+多数据源

    1. 多数据源配置(SQLServer,PostgreSQL)

    2. 集群session 配置 外部存储(redis)

    3.SpringSecurity 登录安全认证

    4.SpringSecurity remembreMe  配置

    5. SpringSecurity SessionManager 配置

    6.增加了图片验证码登录

    7.动态权限url 匹配认证

    @Component
@Order(Integer.MAX_VALUE)
public class ThirdpartyAuthorizeConfigRole implements ThirdpartyAuthorizeConfigProvider {

    @Override
    public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
//        config.antMatchers("/third/user").hasRole("Admin");
        config.anyRequest().access("@rbacService.hasPermission(request,authentication)");
    }
}

      

    package com.sy.thirdparty.authentication;

import com.sy.thirdparty.config.SpringSecurityProperties;
import com.sy.thirdparty.zcoas.SysUserEntity;
import com.sy.thirdparty.zcoas.repository.SysUserRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.HashSet;
import java.util.Set;

/**
 * @Title: RbacServiceImpl
 * @ProjectName thirdparty
 * @date 2021-01-0711:34
 */
@Component("rbacService")
public class RbacServiceImpl implements RbacService {
    private AntPathMatcher antPathMatcher = new AntPathMatcher();
    @Autowired
    private SysUserRepository sysUserRepository;

    @Autowired
    private SpringSecurityProperties springSecurityProperties;
    @Override
    public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
        Object principal = authentication.getPrincipal();
        boolean hasPermission = false;
        if (principal instanceof UserDetails) {
            String username = ((UserDetails) principal).getUsername();
            SysUserEntity user = sysUserRepository.findByLoginName(username);
            if (user.getUserId() == springSecurityProperties.getAdminUserId()) return true;
            Set<String> urls = new HashSet<>();
            for (String url : urls) {
                if (antPathMatcher.match(url, request.getRequestURI())) {
                    hasPermission = true;
                    break;
                }
            }
        }
        return hasPermission;
    }
}

      

    项目地址: https://github.com/qukaige/thirdDemo
  • 相关阅读:
    Android Binder机制中的异步回调
    VS加载项目时报错 尚未配置为Web项目XXXX指定的本地IIS
    下班前码个2013总结吧
    android ListView 在初始化时多次调用getView()原因分析
    Android BindService中遇到的一个小问题
    C#读书笔记之并行任务
    Android系统启动分析(Init->Zygote->SystemServer->Home activity)
    浅析Java异常
    在Ubuntu-14.04.3配置并成功编译Android6_r1源码
    (转)Android Binder设计与实现 – 设计篇
  • 原文地址:https://www.cnblogs.com/412013cl/p/14245808.html
Copyright © 2011-2022 走看看