javascript
SpringSecurity权限框架实战
pom文件:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
?? ?xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
?? ?<modelVersion>4.0.0</modelVersion>
?? ?<parent>
?? ??? ?<groupId>org.springframework.boot</groupId>
?? ??? ?<artifactId>spring-boot-starter-parent</artifactId>
?? ??? ?<version>2.1.4.RELEASE</version>
?? ??? ?<relativePath /> <!-- lookup parent from repository -->
?? ?</parent>
?? ?<groupId>com.baidu.security</groupId>
?? ?<artifactId>security</artifactId>
?? ?<version>0.0.1-SNAPSHOT</version>
?? ?<name>security</name>
?? ?<description>Demo project for Spring Boot</description>
?? ?<properties>
?? ??? ?<java.version>1.8</java.version>
?? ?</properties>
?? ?<dependencies>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>org.springframework.boot</groupId>
?? ??? ??? ?<artifactId>spring-boot-starter-web</artifactId>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>org.springframework.boot</groupId>
?? ??? ??? ?<artifactId>spring-boot-starter-test</artifactId>
?? ??? ??? ?<scope>test</scope>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>ch.qos.logback</groupId>
?? ??? ??? ?<artifactId>logback-classic</artifactId>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>ch.qos.logback</groupId>
?? ??? ??? ?<artifactId>logback-core</artifactId>
?? ??? ?</dependency>
?? ??? ?<!-- 引入freeMarker的依賴包. -->
?? ??? ?<dependency>
?? ??? ??? ?<groupId>org.springframework.boot</groupId>
?? ??? ??? ?<artifactId>spring-boot-starter-freemarker</artifactId>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>org.apache.commons</groupId>
?? ??? ??? ?<artifactId>commons-lang3</artifactId>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>org.springframework.boot</groupId>
?? ??? ??? ?<artifactId>spring-boot-starter-security</artifactId>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>ch.qos.logback</groupId>
?? ??? ??? ?<artifactId>logback-classic</artifactId>
?? ??? ??? ?<version>1.2.3</version>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>ch.qos.logback</groupId>
?? ??? ??? ?<artifactId>logback-core</artifactId>
?? ??? ??? ?<version>RELEASE</version>
?? ??? ?</dependency>
?? ?<dependency>
?? ??? ??? ?<groupId>org.mybatis.spring.boot</groupId>
?? ??? ??? ?<artifactId>mybatis-spring-boot-starter</artifactId>
?? ??? ??? ?<version>1.3.0</version>
?? ??? ?</dependency>
?? ??? ?<dependency>
?? ??? ??? ?<groupId>mysql</groupId>
?? ??? ??? ?<artifactId>mysql-connector-java</artifactId>
?? ??? ??? ?<scope>runtime</scope>
?? ??? ?</dependency>
?? ?</dependencies>
?? ?<build>
?? ??? ?<plugins>
?? ??? ??? ?<plugin>
?? ??? ??? ??? ?<groupId>org.springframework.boot</groupId>
?? ??? ??? ??? ?<artifactId>spring-boot-maven-plugin</artifactId>
?? ??? ??? ?</plugin>
?? ??? ?</plugins>
?? ?</build>
</project>
?
?
login.ftl?
<!DOCTYPE html> <html> <head lang="en"> <meta charset="UTF-8" /> <title></title> </head> <body>登錄頁面${msg}<form action="/login_check" method="post"><input type="text" name="username" /></br> </br> <input type="text"name="password" /></br> </br> <input type="submit" value="登錄" /></br></form></body></html>index.ftl
<!DOCTYPE html> <html> <head lang="en"> <meta charset="UTF-8" /> <title></title> </head> <body><form action="/logout" method="post"><input type="submit" value="退出" /></br></form>你好啊!${userName}</body> </html>config包中的:WebSecurityConfig? 首先更具login中action路徑 進入此處
package com.baidu.security.config;import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;@Configuration @EnableGlobalMethodSecurity(prePostEnabled = true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter {@Beanpublic MyUserDetailService myUserdetailService() {return new MyUserDetailService();}@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.userDetailsService(myUserdetailService()).passwordEncoder(new BCryptPasswordEncoder());}@Bean@Overrideprotected AuthenticationManager authenticationManager() throws Exception {return super.authenticationManager();}@Overrideprotected void configure(HttpSecurity http) throws Exception {http.csrf().disable(); // 關閉跨站檢測http.authorizeRequests().anyRequest().fullyAuthenticated();http.formLogin().loginPage("/login").loginProcessingUrl("/login_check").failureUrl("/login").defaultSuccessUrl("/index").permitAll();http.logout().permitAll();}public static void main(String[] args) {BCryptPasswordEncoder encode = new BCryptPasswordEncoder();String string = encode.encode("123456").toString();System.out.println(string);}}?config包中的:MyUserDetailService【用戶名秘密驗證】
package com.baidu.security.config;import java.util.ArrayList; import java.util.List;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service;import com.baidu.security.entity.Role; import com.baidu.security.entity.User; import com.baidu.security.mapper.UserRoleMapper; @Service public class MyUserDetailService implements UserDetailsService {@Autowiredprivate UserRoleMapper urMapper;@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {// 要去通過用戶名獲取數據庫的用戶User dbUser = urMapper.selectByUsername(username);if (dbUser == null) {System.out.println("用戶" + username + "不存在");throw new UsernameNotFoundException("用戶" + username + "不存在");}List<Role> roleList = urMapper.selectRoleList(username);List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();for (Role role : roleList) {GrantedAuthority e = new SimpleGrantedAuthority("ROLE_" + role.getCode());authorities.add(e);}try {// 是去做校驗密碼org.springframework.security.core.userdetails.User sUser = new org.springframework.security.core.userdetails.User(username, dbUser.getPassword(), authorities);return sUser;} catch (Exception e) {System.out.println("用戶" + username + "密碼錯誤");throw new UsernameNotFoundException("用戶" + username + "密碼錯誤");}}}control: 獲取Security(CQ瑞忒)的用戶信息
package com.baidu.security.controller;import java.util.Map;import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping;@Controller public class IndexController {@RequestMapping("/index")public String index(Map<String, String> map) {SecurityContext context = SecurityContextHolder.getContext();Authentication authentication = context.getAuthentication();Object principal = authentication.getPrincipal();System.out.println(principal.toString());map.put("userName", "屈伸");return "index";}@RequestMapping("/login")public String login(Map<String, String> map) {map.put("msg", "消息");return "login";} }?entity包中的實體類:Role
package com.baidu.security.entity;public class Role {private Integer id;private String code;private String name;public Integer getId() {return id;}public void setId(Integer id) {this.id = id;}public String getCode() {return code;}public void setCode(String code) {this.code = code;}public String getName() {return name;}public void setName(String name) {this.name = name;}}??entity包中的實體類:User
package com.baidu.security.entity;public class User {private Integer id;private String username;private String password;public Integer getId() {return id;}public void setId(Integer id) {this.id = id;}public String getUsername() {return username;}public void setUsername(String username) {this.username = username;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}}Mapper文件:
package com.baidu.security.mapper;import java.util.List;import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Select;import com.baidu.security.entity.Role; import com.baidu.security.entity.User;@Mapper public interface UserRoleMapper {// 做登陸,通過用戶名獲取用戶信息@Select("select * from user where username = #{username} limit 1")User selectByUsername(@Param("username") String username);// 通過用戶名獲取權限列表@Select("select * from user u,role r,user_role ur where u.username = #{username} and ur.userId = u.id and ur.roleId = r.id")List<Role> selectRoleList(@Param("username") String username);}?參考博客:https://blog.csdn.net/pengshisong/article/details/82969900
?
總結
以上是生活随笔為你收集整理的SpringSecurity权限框架实战的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 大概的近义词
- 下一篇: gradle idea java ssm