SpringSecurity
2021-03-28 15:27
标签:tps 使用 cal cat match info repo pack orm 1、导包,使用maven搭建项目 2、关闭thymeleaf缓存 3、导入静态资源和相应页面代码 4、建立controller层 运用了 Aop 切面编程思想 SpringSecurity 标签:tps 使用 cal cat match info repo pack orm 原文地址:https://www.cnblogs.com/wdsjg/p/13624208.htmlSpringSecurity
1、环境搭建
maven网址:https://mvnrepository.com/
搜索需要导入的包名
dependency>
groupId>org.thymeleaf.extrasgroupId>
artifactId>thymeleaf-extras-springsecurity4artifactId>
version>3.0.4.RELEASEversion>
dependency>
?
dependency>
groupId>org.springframework.bootgroupId>
artifactId>spring-boot-starter-securityartifactId>
dependency>
dependency>
groupId>org.thymeleafgroupId>
artifactId>thymeleaf-spring5artifactId>
dependency>
dependency>
groupId>org.thymeleaf.extrasgroupId>
artifactId>thymeleaf-extras-java8timeartifactId>
dependency>
spring.thymeleaf.cache=false
package com.company.controller;
?
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
?
@Controller
public class MyController {
?//跳转到首页
@RequestMapping({"/","/index"})
public String index(){
return "index";
}
?
//登录页面
@RequestMapping("/toLogin")
public String login(){
return "views/login";
}
?
//restful风格传参,利用地址传递的参数,调用views文件下不同的页面 1.html\2.html\3.html
//如:http://localhost:8080/level1/1
//下面的一样
@RequestMapping("/level1/{id}")
public String level1(@PathVariable("id") int id){
//拼接
return "views/level1/"+id;
}
?
@RequestMapping("/level2/{id}")
public String level2(@PathVariable("id") int id){
return "views/level2/"+id;
}
?
@RequestMapping("/level3/{id}")
public String level3(@PathVariable("id") int id){
return "views/level3/"+id;
}
}2、权限与认证
package com.company.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
/**
* aop 思想
* 将所添加的东西,横切进原来的代码,不影响以前的代码
*
* */
//权限
//链式编程
@Override
protected void configure(HttpSecurity http) throws Exception {
// 所有人均可访问首页,但功能页需要的到相应的权限
http.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/level1/**").hasRole("v1")
.antMatchers("/level2/**").hasRole("v2")
.antMatchers("/level3/**").hasRole("v3");
//在没有权限的情况下,跳转到登录页面
http.formLogin().loginPage("/toLogin");
//注销
//注销成功后,回到首页
http.csrf().disable();
http.logout().logoutSuccessUrl("/");
//记住登录信息
http.rememberMe().rememberMeParameter("remember");
}
//认证
//需对密码进行加密 password(new BCryptPasswordEncoder().encode("123456"))
//不然,则会报错
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("1").password(new BCryptPasswordEncoder().encode("123456")).roles("v1","v2","v3")
.and()
.withUser("2").password(new BCryptPasswordEncoder().encode("123456")).roles("v2","v3")
.and()
.withUser("3").password(new BCryptPasswordEncoder().encode("123456")).roles("v3");
}
}
上一篇:Java 基础学习一些小知识