zoukankan      html  css  js  c++  java

  • spring boot 下 spring security 自定义登录配置与form-login属性详解

    package zhet.sprintBoot;

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.builders.WebSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;

    /**
    * @author sdcuike
    * @date 2018/1/28
    * @since 2018/1/28
    */
    @Configuration
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(prePostEnabled = true)
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private CustomUserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailsService).passwordEncoder( new PasswordEncoder() {
    @Override
    public String encode(CharSequence charSequence) {
    return charSequence.toString();
    }

    @Override
    public boolean matches(CharSequence charSequence, String s) {
    return s.equals(charSequence.toString());
    }
    });
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    http
    // 设置登陆页
    .formLogin() 

    // login22.html 在 static 文件夹下
    .loginPage("/login22.html")

    //自定义登录页的 action  = "/login"
    .loginProcessingUrl("/login") // 自定义的登录接口

    // 设置登陆成功页
    .defaultSuccessUrl("/home.html")
    .failureUrl("/loginFaile.html").permitAll()
    .and().authorizeRequests()
    // .antMatchers("/login").permitAll()
    .anyRequest().authenticated();

    // 如果有允许匿名的url,填在下面
    // .antMatchers().permitAll()


    // 自定义登陆用户名和密码参数,默认为username和password
    // .usernameParameter("username")
    // .passwordParameter("password")
    // .and()
    // .logout().permitAll()

    // 关闭CSRF跨域
    http.csrf().disable();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
    // 设置拦截忽略文件夹,可以对静态资源放行
    web.ignoring().antMatchers("/css/**", "/js/**");
    }
    }
  • 相关阅读:
    [Javascript] Use a custom sort function on an Array in Javascript
    [Unit Testing] Fundamentals of Testing in Javascript
    [WASM] Create a New Rust/Webpack Project using the rust-webpack Template
    [Adobe Analytics] Segments types
    win7系统远程连接其它计算机,并且向远程机传输文件
    移动应用数据统计分析平台汇总
    设计模式(策略模式)
    程序员与卓别林
    我的Android进阶之旅------>HTTP 返回状态值详解
    OSX: 真的吗?Mac OS X重大漏洞 改时钟获系统最高权限
  • 原文地址:https://www.cnblogs.com/jichen/p/9540530.html
Copyright © 2011-2022 走看看