zoukankan      html  css  js  c++  java
  • spring security 入门级全篇代码

    CustomAccessDecisionManager 类

    ----------------------------------------------------------------------------

    @Component
    public class CustomAccessDecisionManager
    implements AccessDecisionManager {
    @Override
    public void decide(Authentication auth,
    Object object,
    Collection<ConfigAttribute> ca){
    Collection<? extends GrantedAuthority> auths = auth.getAuthorities();
    for (ConfigAttribute configAttribute : ca) {
    if ("ROLE_LOGIN".equals(configAttribute.getAttribute())
    && auth instanceof UsernamePasswordAuthenticationToken) {
    return;
    }
    for (GrantedAuthority authority : auths) {
    if (configAttribute.getAttribute().equals(authority.getAuthority())) {
    return;
    }
    }
    }
    throw new AccessDeniedException("权限不足");
    }

    @Override
    public boolean supports(ConfigAttribute attribute) {
    return true;
    }

    @Override
    public boolean supports(Class<?> clazz) {
    return true;
    }
    }





    CustomFilterInvocationSecurityMetadataSource 类

    --------------------------------------------------------------------
    @Component
    public class CustomFilterInvocationSecurityMetadataSource
    implements FilterInvocationSecurityMetadataSource {
    AntPathMatcher antPathMatcher = new AntPathMatcher();
    @Autowired
    MenuMapper menuMapper;
    @Override
    public Collection<ConfigAttribute> getAttributes(Object object)
    throws IllegalArgumentException {
    String requestUrl = ((FilterInvocation) object).getRequestUrl();
    List<Menu> allMenus = menuMapper.getAllMenus();
    for (Menu menu : allMenus) {
    if (antPathMatcher.match(menu.getPattern(), requestUrl)) {
    List<Role> roles = menu.getRoles();
    String[] roleArr = new String[roles.size()];
    for (int i = 0; i < roleArr.length; i++) {
    roleArr[i] = roles.get(i).getName();
    }
    return SecurityConfig.createList(roleArr);
    }
    }
    return SecurityConfig.createList("ROLE_LOGIN");
    }
    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
    return null;
    }
    @Override
    public boolean supports(Class<?> clazz) {
    return FilterInvocation.class.isAssignableFrom(clazz);
    }
    }


    WebSecurityConfig  类

    --------------------------------------------------------------------
    @Configuration
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    UserService userService;
    @Bean
    RoleHierarchy roleHierarchy() {
    RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
    String hierarchy = "ROLE_dba > ROLE_admin ROLE_admin > ROLE_user";
    roleHierarchy.setHierarchy(hierarchy);
    return roleHierarchy;
    }
    @Bean
    PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
    .withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
    @Override
    public <O extends FilterSecurityInterceptor> O postProcess(O object) {
    object.setSecurityMetadataSource(cfisms());
    object.setAccessDecisionManager(cadm());
    return object;
    }
    })
    .and()
    .formLogin()
    .loginProcessingUrl("/login").permitAll()
    .and()
    .csrf().disable();
    }
    @Bean
    CustomFilterInvocationSecurityMetadataSource cfisms() {
    return new CustomFilterInvocationSecurityMetadataSource();
    }
    @Bean
    CustomAccessDecisionManager cadm() {
    return new CustomAccessDecisionManager();
    }
    }
    
    
    HelloController  类
    ---------------------------------------------
    @RestController
    public class HelloController {
    @GetMapping("/admin/hello")
    public String admin() {
    return "hello admin";
    }
    @GetMapping("/db/hello")
    public String dba() {
    return "hello dba";
    }
    @GetMapping("/user/hello")
    public String user() {
    return "hello user";
    }
    }
    mapper 接口
    ---------------------------------------------
    @Mapper
    public interface MenuMapper {
    List<Menu> getAllMenus();
    }
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE mapper
    PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
    "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
    <mapper namespace="org.sang.security02.mapper.MenuMapper">
    <resultMap id="BaseResultMap" type="org.sang.security02.model.Menu">
    <id property="id" column="id"/>
    <result property="pattern" column="pattern"/>
    <collection property="roles" ofType="org.sang.security02.model.Role">
    <id property="id" column="rid"/>
    <result property="name" column="rname"/>
    <result property="nameZh" column="rnameZh"/>
    </collection>
    </resultMap>
    <select id="getAllMenus" resultMap="BaseResultMap">
    SELECT m.*,r.id AS rid,r.name AS rname,r.nameZh AS rnameZh FROM menu m LEFT JOIN menu_role mr ON m.`id`=mr.`mid` LEFT JOIN role r ON mr.`rid`=r.`id`
    </select>
    </mapper>


    @Mapper
    public interface UserMapper {
    User loadUserByUsername(String username);
    List<Role> getUserRolesByUid(Integer id);
    }
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE mapper
    PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
    "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
    <mapper namespace="org.sang.security02.mapper.UserMapper">
    <select id="loadUserByUsername" resultType="org.sang.security02.model.User">
    select * from user where username=#{username}
    </select>
    <select id="getUserRolesByUid" resultType="org.sang.security02.model.Role">
    select * from role r,user_role ur where r.id=ur.rid and ur.uid=#{id}
    </select>
    </mapper>

    model 层
    -----------------------------------------------------------
    public class Menu {
    private Integer id;
    private String pattern;
    private List<Role> roles;

    public List<Role> getRoles() {
    return roles;
    }

    public void setRoles(List<Role> roles) {
    this.roles = roles;
    }

    public Integer getId() {
    return id;
    }

    public void setId(Integer id) {
    this.id = id;
    }

    public String getPattern() {
    return pattern;
    }

    public void setPattern(String pattern) {
    this.pattern = pattern;
    }
    }



    ublic class Role {
    private Integer id;
    private String name;
    private String nameZh;
    //省略getter/setter

    public Integer getId() {
    return id;
    }

    public void setId(Integer id) {
    this.id = id;
    }

    public String getName() {
    return name;
    }

    public void setName(String name) {
    this.name = name;
    }

    public String getNameZh() {
    return nameZh;
    }

    public void setNameZh(String nameZh) {
    this.nameZh = nameZh;
    }
    }

    public class User implements UserDetails {
    private Integer id;
    private String username;
    private String password;
    private Boolean enabled;
    private Boolean locked;
    private List<Role> roles;
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
    List<SimpleGrantedAuthority> authorities = new ArrayList<>();
    for (Role role : roles) {
    authorities.add(new SimpleGrantedAuthority(role.getName()));
    }
    return authorities;
    }
    @Override
    public String getPassword() {
    return password;
    }
    @Override
    public String getUsername() {
    return username;
    }
    @Override
    public boolean isAccountNonExpired() {
    return true;
    }
    @Override
    public boolean isAccountNonLocked() {
    return !locked;
    }
    @Override
    public boolean isCredentialsNonExpired() {
    return true;
    }
    @Override
    public boolean isEnabled() {
    return enabled;
    }
    //省略getter/setter

    public Integer getId() {
    return id;
    }

    public void setId(Integer id) {
    this.id = id;
    }

    public void setUsername(String username) {
    this.username = username;
    }

    public void setPassword(String password) {
    this.password = password;
    }

    // public Boolean getEnabled() {
    // return enabled;
    // }

    public void setEnabled(Boolean enabled) {
    this.enabled = enabled;
    }

    public Boolean getLocked() {
    return locked;
    }

    public void setLocked(Boolean locked) {
    this.locked = locked;
    }

    public List<Role> getRoles() {
    return roles;
    }

    public void setRoles(List<Role> roles) {
    this.roles = roles;
    }
    }



    service 层
    ------------------------------------------------------------
    @Service
    public class UserService implements UserDetailsService {
    @Autowired
    UserMapper userMapper;
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    User user = userMapper.loadUserByUsername(username);
    if (user == null) {
    throw new UsernameNotFoundException("账户不存在!");
    }
    user.setRoles(userMapper.getUserRolesByUid(user.getId()));
    return user;
    }
    }



    Pom 文件
    -----------------------------------------------------------------------------------
    <dependencies>
    <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
    <groupId>org.mybatis.spring.boot</groupId>
    <artifactId>mybatis-spring-boot-starter</artifactId>
    <version>1.3.2</version>
    </dependency>
    <dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <scope>runtime</scope>
    </dependency>
    <dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid</artifactId>
    <version>1.1.10</version>
    </dependency>
    <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-test</artifactId>
    <scope>test</scope>
    </dependency>
    <dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-test</artifactId>
    <scope>test</scope>
    </dependency>
    </dependencies>

    数据库
    ---------------------------------------------------------------------

     

     

     

     



  • 相关阅读:
    System Verilog 片断
    如何避免covergroup中出现错误
    一种FPGA图像处理算法的快速验证方式
    什么才是一个feature to be test?
    我的第一份vPlan衍变路线
    思想误区解答:请专注于DUT的功能(全部为菜鸟个人总结不保证正确)
    谈谈验证中的SystemVerilog和CPP//转载
    ResourceBundleViewResolver
    springmvc json数据返回前台,中文乱码
    将字符串中间的某段长度替换成固定的值
  • 原文地址:https://www.cnblogs.com/bruce1992/p/14010584.html
Copyright © 2011-2022 走看看