zoukankan      html  css  js  c++  java
  • SpringSecurity常见用法备忘

    package com.botao.securitydemo1.config;
    
    import com.botao.securitydemo1.Service.UserService;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.builders.WebSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;
    
    import java.util.ArrayList;
    import java.util.Collection;
    
    @EnableWebSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
        @Bean
        public BCryptPasswordEncoder bCryptPasswordEncoder(){
            return new BCryptPasswordEncoder();
        }
    
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            /**
             * 请求授权的规则
             */
            http.authorizeRequests()
                    .antMatchers("/").permitAll()
                    .antMatchers("/a/**").hasRole("vip1")
                    .antMatchers("/b/**").hasRole("vip2")
                    .antMatchers("/c/**").hasRole("vip3").anyRequest().authenticated();
            http.formLogin();
    
            //登录
            //http.formLogin().loginPage("/login").loginProcessingUrl("/check").usernameParameter("username").passwordParameter("psw");
            //退出
            //http.logout().logoutUrl("/logout").logoutSuccessUrl("/").permitAll();
            //记住我
            //http.rememberMe().rememberMeParameter("remember");
            //关闭csrf
            http.csrf().disable();
    
            //没有权限就进xxx.html(403)
            //http.exceptionHandling().accessDeniedPage("/xxx.html");
        }
    
    
        //认证
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    
            auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                    .withUser("a").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1")
                    .and()
                    .withUser("b").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2")
                    .and()
                    .withUser("c").password(new BCryptPasswordEncoder().encode("123456")).roles("ivp3")
                    .and()
                    .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1", "vip2", "vip3");
    
        }
    }
  • 相关阅读:
    【转载】Oracle实例和Oracle数据库(Oracle体系结构)
    【转载】Oracle 11g R2 for Win7旗舰版(64位)- 安装
    eclipse 中卸载插件的方法
    eclipse编辑jsp文件和javascript代码很卡解决办法
    ExtJS登陆页面涉及到的几个问题
    一个关于ExtJS4具体控件的详细教程
    ES6与React中this完全解惑
    for, for..in, in, for...of的区别
    Sublime Text3的react代码校验插件
    Sublime Text3中JSX支持Emmet快捷键
  • 原文地址:https://www.cnblogs.com/botaoJava/p/13866954.html
Copyright © 2011-2022 走看看