package com.zcw.demospringsecurity.demo10;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
/**
* @ClassName : WebSec8r9tyConfig
* @Description :
* @Author : Zhaocunwei
* @Date: 2020-04-12 09:45
*/
@EnableWebSecurity
public class WebSec8r9tyConfig extends WebSecurityConfigurerAdapter {
@Bean
public UserDetailsService userDetailsService(){
InMemoryUserDetailsManager memoryUserDetailsManager = new InMemoryUserDetailsManager();
memoryUserDetailsManager.createUser(User.withUsername("user").password("1234567890")
.roles("USER")
.build());
memoryUserDetailsManager.createUser(User.withUsername("admin").password("123456789")
.roles("USER","ADMIN").build());
return memoryUserDetailsManager;
}
@Override
protected void configure(HttpSecurity http) throws Exception{
http.authorizeRequests()
.antMatchers("/admin/**")
.hasAuthority("ROLE_ADMIN")
.antMatchers("/user/**")
.hasRole("USER")
.antMatchers("/app")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.and()
.sessionManagement()
.maximumSessions(1);//最大会话数设置为1
}
}
SpringSecurity---实现会话并发控制--对浏览器的唯一性(单机版)
猜你喜欢
转载自blog.csdn.net/qq_32370913/article/details/105552426
今日推荐
周排行