zoukankan      html  css  js  c++  java
  • SpringSecurity常见用法备忘

    package com.botao.securitydemo1.config;
    
    import com.botao.securitydemo1.Service.UserService;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.builders.WebSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;
    
    import java.util.ArrayList;
    import java.util.Collection;
    
    @EnableWebSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
        @Bean
        public BCryptPasswordEncoder bCryptPasswordEncoder(){
            return new BCryptPasswordEncoder();
        }
    
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            /**
             * 请求授权的规则
             */
            http.authorizeRequests()
                    .antMatchers("/").permitAll()
                    .antMatchers("/a/**").hasRole("vip1")
                    .antMatchers("/b/**").hasRole("vip2")
                    .antMatchers("/c/**").hasRole("vip3").anyRequest().authenticated();
            http.formLogin();
    
            //登录
            //http.formLogin().loginPage("/login").loginProcessingUrl("/check").usernameParameter("username").passwordParameter("psw");
            //退出
            //http.logout().logoutUrl("/logout").logoutSuccessUrl("/").permitAll();
            //记住我
            //http.rememberMe().rememberMeParameter("remember");
            //关闭csrf
            http.csrf().disable();
    
            //没有权限就进xxx.html(403)
            //http.exceptionHandling().accessDeniedPage("/xxx.html");
        }
    
    
        //认证
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    
            auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                    .withUser("a").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1")
                    .and()
                    .withUser("b").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2")
                    .and()
                    .withUser("c").password(new BCryptPasswordEncoder().encode("123456")).roles("ivp3")
                    .and()
                    .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1", "vip2", "vip3");
    
        }
    }
  • 相关阅读:
    Prime Land(poj 1365)
    备用交换机(cogs 8)
    救命(洛谷 U4525)
    消息传递(cogs 1001)
    SQLite 使用主键,ROWID 及自增列
    SqlHelper 类
    一个继承的 DataGridView
    给JAVA的eclipse IDE 在线安装 SVN插件 / 给 eclipse 添加打开所在的文件夹功能
    实时更新DataGridView 合计值
    导出为文本格式
  • 原文地址:https://www.cnblogs.com/botaoJava/p/13866954.html
Copyright © 2011-2022 走看看