  • (1) Spring Boot Security: implementing custom authorization with a custom filter

     Code download:

    git@github.com:only-care/springboot-security.git

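    1. The authentication filter: override attemptAuthentication so that the custom filter intercepts the request and performs the permission check itself, then wraps the result in a UsernamePasswordAuthenticationToken and returns it as the authentication.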

    import java.util.ArrayList;
    import java.util.List;
    
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    
    import org.springframework.security.authentication.AuthenticationServiceException;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.GrantedAuthority;
    import org.springframework.security.core.authority.SimpleGrantedAuthority;
    import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
    
    public class OpenIdAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    	// Only handle POST requests
    	private boolean postOnly = true;
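    	/***
    	 * Intercepts the request and wraps it in a token. The actual verification is left to the
    	 * authenticationManager property, which can be set when the filter is created.
    	 */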
    	@Override
    	public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
    			throws AuthenticationException {
    		if (postOnly && !request.getMethod().equals("POST")) {
    			throw new AuthenticationServiceException(
    					"Authentication method not supported: " + request.getMethod());
    		}
    		String username = request.getParameter("username"); // default parameter name
    		String password = request.getParameter("password");
    		username = username == null?"":username.trim();
    		password = password == null?"":password;
    		UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
    				username, password);
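    		authRequest.setDetails(request); // store the request in the token's details
    		// Authentication succeeds by default: no credential check is performed here,
    		// so every request that reaches this point is granted ROLE_USER.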
    		final List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>();
    		AUTHORITIES.add(new SimpleGrantedAuthority("ROLE_USER"));
    		return new UsernamePasswordAuthenticationToken(authRequest.getPrincipal(), authRequest.getCredentials(), AUTHORITIES);
    	}
    }
    

      2. Add the custom filter to the HttpSecurity configuration. The result is as follows:

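    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @RestController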
    @EnableWebSecurity
    @SpringBootApplication
    public class StartApp  extends WebSecurityConfigurerAdapter{
        
        @RequestMapping("/")
        String index() {
            return "Hello World!";
        }
    
        public static void main(String[] args) {
            SpringApplication.run(StartApp.class, args);
        }
        
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests().anyRequest().authenticated().and().formLogin().and().httpBasic();
            
            // Add the custom filter to httpSecurity
            OpenIdAuthenticationFilter openIdAuthenticationFilter = new OpenIdAuthenticationFilter();
            // An object that performs the authentication can be set here
            openIdAuthenticationFilter.setAuthenticationManager(null);
            openIdAuthenticationFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
            http.addFilter(openIdAuthenticationFilter);
        }
    }
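
The filter in step 1 returns an authenticated token with ROLE_USER without ever checking the submitted password. The following is an added example, not code from the original post or its repository, showing the same filter handing the token to the AuthenticationManager instead. The class name DelegatingOpenIdAuthenticationFilter is hypothetical, and the example assumes an AuthenticationManager is configured in the application.

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

// Hypothetical class name; added example, not part of the original repository.
public class DelegatingOpenIdAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

    public DelegatingOpenIdAuthenticationFilter(AuthenticationManager authenticationManager) {
        // Fail at start-up, not on the first login, if no manager was wired in.
        if (authenticationManager == null) {
            throw new IllegalArgumentException("authenticationManager must not be null");
        }
        setAuthenticationManager(authenticationManager);
        setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException {
        if (!"POST".equals(request.getMethod())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }
        String username = obtainUsername(request);
        String password = obtainPassword(request);
        username = username == null ? "" : username.trim();
        password = password == null ? "" : password;

        // Two-argument constructor: the token is unauthenticated and carries no authorities.
        UsernamePasswordAuthenticationToken authRequest =
                new UsernamePasswordAuthenticationToken(username, password);
        setDetails(request, authRequest);

        // The manager verifies the credentials and assigns the authorities;
        // it throws an AuthenticationException when verification fails.
        return getAuthenticationManager().authenticate(authRequest);
    }
}
```

To wire it in, replace the filter construction in `configure(HttpSecurity http)` with `http.addFilter(new DelegatingOpenIdAuthenticationFilter(authenticationManager()));`, where `authenticationManager()` is the method inherited from `WebSecurityConfigurerAdapter`.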

     

  • Original article: https://www.cnblogs.com/black-/p/8865103.html