zoukankan      html  css  js  c++  java
  • SpringSecurity

    SpringSecurity

     

    1、环境搭建

    1、导包,使用maven搭建项目

     maven网址:https://mvnrepository.com/

    搜索需要导入的包名
    <!--        thymeleaf-extras-springsecurity4-->
             <!-- https://mvnrepository.com/artifact/org.thymeleaf.extras/thymeleaf-extras-springsecurity4 -->
             <dependency>
                 <groupId>org.thymeleaf.extras</groupId>
                 <artifactId>thymeleaf-extras-springsecurity4</artifactId>
                 <version>3.0.4.RELEASE</version>
             </dependency><!--        security-->
             <dependency>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-starter-security</artifactId>
             </dependency>
             
             <!--        thymeleaf模板引擎-->
             <dependency>
                 <groupId>org.thymeleaf</groupId>
                 <artifactId>thymeleaf-spring5</artifactId>
             </dependency>
             <dependency>
                 <groupId>org.thymeleaf.extras</groupId>
                 <artifactId>thymeleaf-extras-java8time</artifactId>
             </dependency>

    2、关闭thymeleaf缓存

     
    spring.thymeleaf.cache=false

    3、导入静态资源和相应页面代码

     

    4、建立controller层

     
    package com.company.controller;
     ​
     import org.springframework.stereotype.Controller;
     import org.springframework.web.bind.annotation.PathVariable;
     import org.springframework.web.bind.annotation.RequestMapping;
     ​
     @Controller
     public class MyController {
     ​//跳转到首页
         @RequestMapping({"/","/index"})
         public String index(){
             return "index";
         }
     ​
    //登录页面 @RequestMapping(
    "/toLogin") public String login(){ return "views/login"; } ​
    //restful风格传参,利用地址传递的参数,调用views文件下不同的页面 1.html2.html3.html
    //如:http://localhost:8080/level1/1
    //下面的一样 @RequestMapping(
    "/level1/{id}") public String level1(@PathVariable("id") int id){
    //拼接
    return "views/level1/"+id; } ​ @RequestMapping("/level2/{id}") public String level2(@PathVariable("id") int id){ return "views/level2/"+id; } ​ @RequestMapping("/level3/{id}") public String level3(@PathVariable("id") int id){ return "views/level3/"+id; } }

     

    2、权限与认证

    运用了 Aop 切面编程思想

    package com.company.config;
    
    
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    
    @Configuration
    public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
        /**
         * aop 思想
         * 将所添加的东西,横切进原来的代码,不影响以前的代码
         *
         * */
    
    
        //权限
        //链式编程
        @Override
        protected void configure(HttpSecurity http) throws Exception {
    
    //        所有人均可访问首页,但功能页需要的到相应的权限
            http.authorizeRequests()
                    .antMatchers("/").permitAll()
                    .antMatchers("/level1/**").hasRole("v1")
                    .antMatchers("/level2/**").hasRole("v2")
                    .antMatchers("/level3/**").hasRole("v3");
    
            //在没有权限的情况下,跳转到登录页面
            http.formLogin().loginPage("/toLogin");
    
            //注销
            //注销成功后,回到首页
            http.csrf().disable();
            http.logout().logoutSuccessUrl("/");
    
            //记住登录信息
            http.rememberMe().rememberMeParameter("remember");
        }
    
        //认证
        //需对密码进行加密 password(new BCryptPasswordEncoder().encode("123456"))
        //不然,则会报错
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                    .withUser("1").password(new BCryptPasswordEncoder().encode("123456")).roles("v1","v2","v3")
                    .and()
                    .withUser("2").password(new BCryptPasswordEncoder().encode("123456")).roles("v2","v3")
                    .and()
                    .withUser("3").password(new BCryptPasswordEncoder().encode("123456")).roles("v3");
        }
    }
  • 相关阅读:
    javascript DOM节点(一)
    [转]php初级教程(七)一个新闻管理系统(准备工作)
    [转]php初级教程(九)添加新闻内容程序的编写
    [转]php初级教程(六)php表单处理文件上传
    [转]php初级教程(一)php平台的搭建
    [转]php初级教程(三)php的常用函数和基本流程(20071217 14:46:16)[编辑][删除]
    [转]php初级教程(八)基本php配置文件的编写
    [转]php初级教程(十一)用户的注册
    [转]php初级教程(四)相关环境变量和服务器变量的获取
    [转]php初级教程(五)php表单处理
  • 原文地址:https://www.cnblogs.com/wdsjg/p/13624208.html
Copyright © 2011-2022 走看看