两种方法简单配置
一、配置文件yml进行配置账号密码
NoOpPasswordEncoder意思是不需要加密登录,spring5后就强制要求加密除非自己声明好,其他两个方法默认即可
在目录config下创建SecurityConfig.java
package lingnan.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @author whongf
* @create 2020-07-22-19:44
*/
@Configuration
@EnableWebSecurity
public class TmallSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//定制请求规则,即授权
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
super.configure(auth);
//定义认证
}
//给密码加密用
@Bean
public PasswordEncoder passwordEncoder() {
return NoOpPasswordEncoder.getInstance();
}
}
yaml配置中
spring:
security:
user:
name: whongf
password: 123
Controller配置一个方法即可
@GetMapping("hello")
public String hello(){
return "hello Security";
}
二、类文件进行配置
1)不设置密码
日志区会出现临时密码,账号默认是user
Using generated security password: 03a28d51-016b-4cf0-8e29-4e61cbdc00b2
SecurityConfig.java
package lingnan.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @author whongf
* @create 2020-07-22-19:44
*/
@Configuration
@EnableWebSecurity
public class TmallSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//定制请求规则,即授权
http.authorizeRequests()
.antMatchers("/admin/hello").permitAll() //如果是请求/admin/hello,则会放行
.antMatchers("/admin/login").permitAll()//post请求
.and().csrf().disable();// 关闭跨站请求防护,这样可以放行login的post请求
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
super.configure(auth);
//定义认证
}
//给密码加密用
@Bean
public PasswordEncoder passwordEncoder() {
return NoOpPasswordEncoder.getInstance();
}
}
2)想设置密码
只需在认证区进行修改,记得注释掉super继承
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// super.configure(auth);
//定义认证
auth.inMemoryAuthentication()
.withUser("whf")
.password("123")
.roles("admin");
}
三、通过获取用户表设置security登录密码和权限角色
umsAdminServiceImpl 的接口umsAdminService继承UserDetailService类后
在umsAdminServiceImpl 实现下面的方法
@Override
public UserDetails loadUserByUsername(String username) {
//从数据库查询username的用户
UmsAdminExample example= new UmsAdminExample();
example.createCriteria().andUsernameEqualTo(username);
List<UmsAdmin> list =baseMapper.selectByExample(example);
if (list==null||list.size()==0){
throw new UsernameNotFoundException("用户账号不存在");
}
UmsAdmin bean=list.get(0);
//security有一个默认实现了UserDetails接口的类叫做User
Collection<GrantedAuthority> authorities = Lists.newArrayList();
GrantedAuthority auth= new SimpleGrantedAuthority("ROLE_"+"admin");//规定好的前面必须加"ROLE_"
authorities.add(auth);
// auth= new SimpleGrantedAuthority("ROLE_"+"hello");
// authorities.add(auth);
User user= new User(username,bean.getPassword(),authorities);
return user;
}
TmallSecurityConfig的配置,记得注释各个方法的super
package lingnan.config;
import lingnan.ums.service.UmsAdminService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @author whongf
* @create 2020-07-22-19:44
*/
@Configuration
@EnableWebSecurity
public class TmallSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// super.configure(http);
//定制请求规则,即授权
http.authorizeRequests()
.antMatchers("/admin/hello").hasRole("hello")//如果是hello角色请求/admin/hello,则会放行
.antMatchers("/admin/welcome").hasRole("admin")//如果是admin角色请求/admin/welcome,则会放行
.antMatchers("/admin/login").hasRole("admin")
.anyRequest().authenticated()
.and()
.formLogin().and()
.httpBasic();
// .and().csrf().disable();// 关闭跨站请求防护,这样可以放行login的post请求
}
@Autowired
UmsAdminService umsAdminService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// super.configure(auth);
//定义认证
// auth.inMemoryAuthentication()
// .withUser("whf")
// .password("123")
// .roles("admin");
auth.userDetailsService(umsAdminService).passwordEncoder(passwordEncoder());
}
//给密码加密用
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}