SpringCloud学习笔记018---SpringBoot前后端分离_集成_SpringSecurity_简单实现

SpringBoot前后端分离_集成_SpringSecurity_简单实现
1.新建SpringBoot项目,可以使用idea,快速创建
   file-create-project->选择web,sql:mysql mybatis这样就可以了
2.application.properties
spring.profiles.active=dev
# 所有环境通用的配置，放在这里

3.application-dev.properties
# 开发环境配置
# 数据源配置，请修改为你项目的实际配置
spring.datasource.url=jdbc:mysql://172.19.128.30:3306/test_lidw?useUnicode=true&characterEncoding=UTF-8
spring.datasource.username=root
spring.datasource.password=root
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
#指定服务端口
server.port=8089

4.
com.springsecurity.demo.controller.HelloController
package com.springsecurity.demo.controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class HelloController {
    // 省略之前的内容...
    @RequestMapping("/login")
    public String login() {
        return "login";
    }

    // 省略之前的内容...
    @RequestMapping("/hello")
    public String hello() {
        return "hello";
    }
}

--------------------------------------
5.
com.springsecurity.demo.security.WebSecurityConfig

package com.springsecurity.demo.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder ;
    @Configuration
    @EnableWebSecurity//通过@EnableWebSecurity注解开启Spring Security的功能
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    //通过@EnableWebSecurity注解开启Spring Security的功能
        @Override//configure(HttpSecurity http)方法
        protected void configure(HttpSecurity http) throws Exception {
            //通过authorizeRequests()定义哪些URL需要被保护、哪些不需要被保护。
            //例如以上代码指定了/和/home不需要任何认证就可以访问，其他的路径都必须通过身份验证。
            http
                    .authorizeRequests()
                    .antMatchers("/", "/home").permitAll()
                    .anyRequest().authenticated()
                    .and()
                    .formLogin()
                    .loginPage("/login")//通过formLogin()定义当需要用户登录时候，转到的登录页面。
                    .permitAll()
                    .and()
                    .logout()
                    .permitAll();
        }

        //configureGlobal(AuthenticationManagerBuilder auth)方法，在内存中创建了一个用户，
        // 该用户的名称为user，密码为password，用户角色为USER。
        // 在完成了Spring Security配置之后，我们还缺少登录的相关内容。
        //HelloController中新增/login请求映射至login.html

        @Autowired
        public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
            auth
                    .inMemoryAuthentication()
                    .withUser("user").password("password").roles("USER");
        }

    }

-------------------------------
6.com.springsecurity.demo.DemoApplication
package com.springsecurity.demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class DemoApplication {

    public static void main(String[] args) {
        SpringApplication.run(DemoApplication.class, args);
    }
}
---------------------------------------------------------
E:\项目代码\spring-security-demo\pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.springsecurity</groupId>
    <artifactId>demo</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>jar</packaging>

    <name>demo</name>
    <description>Demo project for Spring Boot</description>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.3.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>1.8</java.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>1.3.2</version>
        </dependency>

        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

//1.这里特殊的用到了这个依赖
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

--------------------------------
写完之后,就可以去访问:
http://localhost:8089/hello
访问的时候,由于没有登录,会自动跳转到登录页面
地址变成:
http://localhost:8089/login