springboot 整合security

package com.example.demo.security;

import com.example.demo.service.CustomUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

/**
 * @author sly
 * @version 1.0
 * @date 2019/9/25 11:24
 */
@Configuration
@EnableWebSecurity
//@EnableAutoConfiguration
//@EnableGlobalMethodSecurity(prePostEnabled=true)//开启全局 Securtiy 注解

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

//    @Bean
//    public CustomUserService customUserService() {
//        return new CustomUserService();
//    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

//        //路由策略和访问权限的简单配置
//        http
//                .formLogin()                      //启用默认登陆页面
//                .failureUrl("/login?error")     //登陆失败返回URL:/login?error
//                .defaultSuccessUrl("/hello")  //登陆成功跳转URL，这里调整到用户首页
//                .permitAll();                    //登陆页面全部权限可访问
//        super.configure(http);

        //设置登录,注销，表单登录不用拦截，其他请求要拦截
        http.authorizeRequests().antMatchers("/").permitAll()
                .anyRequest().authenticated()
                .and()
                .logout().permitAll()
                .and()
                .formLogin()
                .defaultSuccessUrl("/hello")
                .failureUrl("/login?error");  //登陆失败返回URL:/login?error
        //关闭默认的csrf认证
        http.csrf().disable();

    }

    /**
     * 配置内存用户
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//        auth
////                .userDetailsService(customUserService()).passwordEncoder(new BCryptPasswordEncoder());
////        auth.userDetailsService(userService).passwordEncoder(new BCryptPasswordEncoder());
//
//                .inMemoryAuthentication()
//                .withUser("阿毅").password("123456").roles("ADMIN")
//                .and()
//                .withUser("阿兰").password("123456").roles("USER");

        auth.inMemoryAuthentication().withUser("admin").password("123456").roles("ADMIN");
        //.passwordEncoder(new MyPasswordEncoder())。
        //这样，页面提交时候，密码以明文的方式进行匹配。
        auth.inMemoryAuthentication().passwordEncoder(new MyPasswordEncoder()).withUser("cxh").password("cxh").roles("ADMIN");

    }
}

参考https://blog.csdn.net/weixin_39220472/article/details/80865411此文！！！

package com.example.demo.security;

import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @author sly
 * @version 1.0
 * @date 2019/9/26 13:35
 */
public class MyPasswordEncoder implements PasswordEncoder {
    @Override
    public String encode(CharSequence charSequence) {
        return charSequence.toString();
    }

    @Override
    public boolean matches(CharSequence charSequence, String s) {
        return s.equals(charSequence.toString());
    }

}