SpringSecurity--认证与授权（demo）

package com.zcw.demospringsecurity.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @ClassName : AdminController
 * @Description :管理端--接口
 * @Author : Zhaocunwei
 * @Date: 2020-04-10 16:53
 */
@RestController
@RequestMapping("/admin")
public class AdminController {

    @GetMapping("api")
    public String api(){
        return "admin";
    }
}

package com.zcw.demospringsecurity.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @ClassName : AppController
 * @Description :客户端操作--接口
 * @Author : Zhaocunwei
 * @Date: 2020-04-10 16:53
 */
@RestController
@RequestMapping("/app")
public class AppController {

    @GetMapping("api")
    public String api(){
        return "app";
    }
}

package com.zcw.demospringsecurity.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @ClassName : UserController
 * @Description :用户操作的接口
 * @Author : Zhaocunwei
 * @Date: 2020-04-10 16:53
 */
@RestController
@RequestMapping("/user")
public class UserController {

    @GetMapping("api")
    public String api(){
        return "user";
    }
}

package com.zcw.demospringsecurity.controller;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @ClassName : WebSecurityConfig
 * @Description : 资源路径授权配置
 * @Author : Zhaocunwei
 * @Date: 2020-04-10 16:58
 */
@EnableWebSecurity
public class WebSecurityConfig  extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
       http.authorizeRequests()
               .antMatchers("/admin/**").hasRole("ADMIN") //antMatchers()是一个采用ANT模式的URL匹配器
               .antMatchers("/user/**").hasRole("USER")
               .antMatchers("/app").permitAll()
               .anyRequest().authenticated()
               .and()
               .formLogin();
    }
    /**
     * ANT模式使用-匹配任意单个字符，使用*表示：匹配0或者任意数量的字符，
     * 使用**匹配0或者更多的目录
     */
}

中学生大白杨

发布了458 篇原创文章 · 获赞 15 · 访问量 3万+

私信关注

SpringSecurity--认证与授权（demo）

猜你喜欢