SpringSecurity前后端分离配置(二)

前言

文档1:https://www.cnblogs.com/guos/archive/2019/10/02/11617243.html
文档2:

配置

自己的配置,结合了其他文档。注意:下面的 WebSecurityConfig 关闭了 CSRF 防护,而表单登录仍依赖会话 Cookie,用于生产环境前应重新评估这一设置。

import com.website.server.system.security.hander.LoginFailureHandler;
import com.website.server.system.security.hander.LoginSuccessHandler;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

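/**
 * Spring Security configuration for a front-end/back-end separated application.
 *
 * <p>Every request requires an authenticated user, and form login answers with JSON
 * through {@link LoginSuccessHandler} and {@link LoginFailureHandler}.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>CSRF protection is disabled in {@link #configure(HttpSecurity)} while form login
 *       is still in use. Form login normally authenticates later requests with a session
 *       cookie, which the browser attaches automatically, so state-changing endpoints
 *       then depend only on the CORS policy and the cookie's SameSite behaviour.
 *       Consider re-enabling CSRF (for a single-page client,
 *       {@code CookieCsrfTokenRepository.withHttpOnlyFalse()} lets the client echo the
 *       token in a header) unless authentication moves to a header-based token.</li>
 *   <li>{@code cors()} takes its policy from configuration that is not part of this
 *       class; keep that policy to an explicit list of trusted origins.</li>
 *   <li>No {@code AuthenticationEntryPoint} or {@code AccessDeniedHandler} is registered
 *       here, so unauthenticated and forbidden requests get Spring Security's default
 *       handling rather than a JSON body.</li>
 * </ul>
 *
 * @author qilong sun (created 2019/11/27 16:56)
 * @version V1.0
 */
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * Builds the HTTP security rules: authenticate everything, JSON form login, CORS on,
     * CSRF off.
     *
     * @param httpSecurity the builder supplied by Spring Security
     * @throws Exception propagated from the Spring Security configurers
     */
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        // Require an authenticated user for every request.
        httpSecurity.authorizeRequests().anyRequest().authenticated();

        // Form login: custom parameter names and processing URL, with JSON responses
        // for both outcomes. formLogin() returns the same configurer on every call,
        // so one chain is equivalent to the separate calls it replaces.
        httpSecurity.formLogin()
                .usernameParameter("loginAccount")
                .passwordParameter("loginPwd")
                .loginProcessingUrl("/toLogin")
                .successHandler(new LoginSuccessHandler())
                .failureHandler(new LoginFailureHandler());

        // Enable CORS processing and turn CSRF protection OFF.
        // The earlier bare httpSecurity.csrf() call was dropped: it only applied the
        // CSRF configurer that the next statement removed again, and its comment
        // suggested CSRF was being configured when it was in fact being disabled.
        // NOTE(security): see the class comment before shipping this with
        // cookie-based sessions.
        httpSecurity.cors().and().csrf().disable();
    }
}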
import com.alibaba.fastjson.JSONObject;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/**
 * Login success handler: answers a successful form login with a fixed JSON body
 * ({@code code} = "200" and a success message) instead of a redirect.
 *
 * <p>Nothing from the {@link Authentication} object is written to the response.
 *
 * @author qilong sun (created 2019/12/11 13:48)
 * @version V1.0
 */
public class LoginSuccessHandler implements AuthenticationSuccessHandler {
    /**
     * Writes the success payload as UTF-8 JSON.
     *
     * @param httpServletRequest  the login request (not read)
     * @param httpServletResponse the response that receives the JSON body
     * @param authentication      the authenticated principal (not read)
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        Map<String, String> payload = new HashMap<>();
        payload.put("code", "200");
        payload.put("msg", "登录成功");
        String body = JSONObject.toJSONString(payload);

        // The content type (including its charset) must be set before getWriter() is
        // called, otherwise the non-ASCII message may be written in the wrong encoding.
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        httpServletResponse.getWriter().write(body);
    }
}
import com.alibaba.fastjson.JSONObject;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

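/**
 * Login failure handler: maps the {@link AuthenticationException} raised during form
 * login to a JSON body with a {@code code} and a {@code msg} field.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The HTTP status is not set here; the result is carried only by the JSON
 *       {@code code} field.</li>
 *   <li>The messages distinguish expired and disabled accounts from bad credentials.
 *       NOTE(review): this can tell an unauthenticated caller that an account exists;
 *       consider one generic message if account enumeration matters for this
 *       deployment.</li>
 *   <li>Access-denied and not-logged-in conditions are not authentication failures
 *       and never reach this handler; they are handled by an
 *       {@code AccessDeniedHandler} and an {@code AuthenticationEntryPoint} registered
 *       through {@code exceptionHandling()}.</li>
 * </ul>
 *
 * @author qilong sun (created 2019/12/11 14:49)
 * @version V1.0
 */
public class LoginFailureHandler implements AuthenticationFailureHandler {
    /**
     * Writes the failure payload as UTF-8 JSON.
     *
     * @param httpServletRequest  the login request (not read)
     * @param httpServletResponse the response that receives the JSON body
     * @param e                   the reason the login attempt was rejected
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException {
        final String code;
        final String msg;
        // The former checks "e instanceof AccessDeniedHandler" and
        // "e instanceof AuthenticationEntryPoint" were removed: both are handler
        // interfaces, not exception types, so those branches could not match an
        // authentication failure raised by the login filter.
        if (e instanceof AccountExpiredException) {
            code = "401";
            msg = "账户过期";
        } else if (e instanceof BadCredentialsException) {
            code = "401";
            msg = "坏的凭证";
        } else if (e instanceof DisabledException) {
            code = "401";
            msg = "账户不可用";
        } else if (e instanceof CredentialsExpiredException) {
            code = "403";
            msg = "证书过期";
        } else {
            // Any other AuthenticationException subtype ends up here.
            code = "500";
            msg = "登录失败";
        }

        // Set the content type (and charset) before obtaining the writer.
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        Map<String, String> map = new HashMap<>();
        map.put("code", code);
        map.put("msg", msg);
        httpServletResponse.getWriter().write(JSONObject.toJSONString(map));
    }

}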


转载自blog.csdn.net/s1441101265/article/details/103490889