Spring boot for Eclipse 開發指南第四節 Spring-Security
使用本身的數據庫中的用戶進行驗證css
1.User 表結構java
CREATE TABLE `user` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(18) DEFAULT NULL, `password` varchar(18) DEFAULT 'zzz123', `sex` varchar(2) DEFAULT NULL, `age` int(11) DEFAULT NULL, `disabled` bit(1) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=22 DEFAULT CHARSET=utf8;
2. 引用依賴 POM.XMLspring
<!-- security --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-test</artifactId> <scope>test</scope> </dependency>
3. User.javasql
@Entity
public class User implements UserDetails {
@Transient
List<GrantedAuthority> list = new ArrayList<GrantedAuthority>();
@Transient
private String name;
@Id
@GeneratedValue
private Long id;
@Column(nullable = false)
private String username;
@Column(nullable = false)
private String password;
@Column(nullable = false)
private Integer age;
private boolean disabled;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
@Override
public Collection<GrantedAuthority> getAuthorities() {
return list;
}
public void setAuthorities(List<GrantedAuthority> list) {
this.list = list;
}
@Override
public String getPassword() {
// TODO Auto-generated method stub
return password;
}
public void setPassword(String password) {
// TODO Auto-generated method stub
this.password = password;
}
@Override
public String getUsername() {
// TODO Auto-generated method stub
return username;
}
public void setUsername(String username){
this.username = username;
}
@Override
public boolean isAccountNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isAccountNonLocked() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isCredentialsNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isEnabled() {
// TODO Auto-generated method stub
return true;
}
}
4. UserRepository.java數據庫
public interface UserRepository extends JpaRepository<User, Long> {
List<User> findByUsername(String username);
}
6. UserServiceImpl.java安全
@Service
public class UserServiceImpl implements IUserService {
private static final Log logger = LogFactory.getLog(UserServiceImpl.class);
@Autowired
UserRepository dao;
@Override
public void AddUser(User user) {
// TODO Auto-generated method stub
dao.save(user);
logger.info("add user");
}
@Override
public List<User> findUserByUsername(String username) {
// TODO Auto-generated method stub
return dao.findByUsername(username);
}
}
7. SecurityConfig.java 主要配置文件app
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("customUserDetailService")
private UserDetailsService userDetailsService;
/**定義認證用戶信息獲取來源,密碼校驗規則等*/
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//auth.inMemoryAuthentication().withUser("shili").password("zzz123").roles("USER");
//auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
auth.userDetailsService(userDetailsService);
}
/**定義安全策略*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()//配置安全策略
.antMatchers("/css/**","/js/**","/img/**","/sayhello").permitAll()//不須要權限的URL
.anyRequest().authenticated()//其餘任意URL都須要驗證權限
.and()
.logout()
.permitAll()
.and()
.formLogin();
}
@Bean
public BCryptPasswordEncoder passwordEncoder(){
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder;
}
}
8.CustomUserDetailService 使用本身的數據庫中的用戶ide
@Service("customUserDetailService")
public class CustomUserDetailService implements UserDetailsService {
@Autowired
private IUserService userService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// TODO Auto-generated method stub
List<User> users = userService.findUserByUsername(username);
if(users==null||users.size()==0){
throw new UsernameNotFoundException("");
}
User user = users.get(0);
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
user.setAuthorities(authorities);
return user;
}
}
隨便寫一個控制器測試一下spring-boot
@RestController
public class HelloSecurity {
@RequestMapping("/security")
public String security() {
return "hello world security";
}
}
相關文章
- 1. Spring boot for Eclipse 開發指南第六節 Oauth 2.0
- 2. Spring boot for Eclipse 開發指南第一節 快速建立
- 3. Spring boot for Eclipse 開發指南第三節 Freemaker
- 4. Spring boot for Eclipse 開發指南第二節 JPA
- 5. Spring boot for Eclipse 開發指南第五節 自定義登陸頁
- 6. Spring Boot 開發指南第八節 WebSocket 的使用
- 7. Spring Boot 開發指南
- 8. Spring boot 開發指南第七節 搭建密碼受權服務器
- 9. Spring Boot 開發指南(1):hello world
- 10. Spring Boot 參考指南(開發你的第一個Spring Boot應用程序)
- 更多相關文章...
- • SQL 指南 - 網站建設指南
- • HTML 指南 - 網站建設指南
- • PHP開發工具
- • Spring Cloud 微服務實戰(三) - 服務註冊與發現
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. Spring boot for Eclipse 開發指南第六節 Oauth 2.0
- 2. Spring boot for Eclipse 開發指南第一節 快速建立
- 3. Spring boot for Eclipse 開發指南第三節 Freemaker
- 4. Spring boot for Eclipse 開發指南第二節 JPA
- 5. Spring boot for Eclipse 開發指南第五節 自定義登陸頁
- 6. Spring Boot 開發指南第八節 WebSocket 的使用
- 7. Spring Boot 開發指南
- 8. Spring boot 開發指南第七節 搭建密碼受權服務器
- 9. Spring Boot 開發指南(1):hello world
- 10. Spring Boot 參考指南(開發你的第一個Spring Boot應用程序)