SpringBoot integration SpringSecurity of memory-based authentication (a)

SpringBoot integration SpringSecurity of memory-based authentication (a)

In the first tutorial, we simply understand a bit SpringSecurity use gestures, adding a dependency in application.ymlplus a few lines of configuration files, you can achieve a basic login authentication;

The default configuration can only set one account, so if you need multiple accounts how can it support?

This article will introduce a memory-based authentication

I. Certified Memory

Memory-based authentication information stored way, this post will introduce two common use gestures

0.5 Project Configuration

Environment configuration and the same front, the content can refer Bowen: 191 223-SpringBoot integration of the origin of articles SpringSecurity (zero)

1. WebSecurityConfigurerAdapter

Here is the main means of SpringSecuritythe adapter to the configuration process, the following is a simple case

@Configuration
public class SecurityAdapterConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 测试时，可以直接用下面的方式
        //        User.UserBuilder builder = User.withDefaultPasswordEncoder();
        User.UserBuilder builder = User.builder().passwordEncoder(passwordEncoder()::encode);
        auth.inMemoryAuthentication().withUser(builder.username("hui1").password("123456").roles("guest").build());
        auth.inMemoryAuthentication().withUser(builder.username("hui2").password("123456").roles("guest").build());
    }
}

The main logic in configurethis method, but note that we set up additional encryption password, and when we do not set this time, when you actually log will find that even if you enter the correct user name and password, will prompt fail (Gangster welcome you measured it)

@Bean
public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
}

Second, when creating the user should be noted that, in addition to set up a user name and password outside, returned to the user plus a role, this will introduce its role in the follow-up article RBAC (role-based authority) in

2. UserDetailsService

Here are another way, when the authentication information stored in the back of the db, will be used; SpringSecurity in the implementation of, the information corresponding to the user query through the bean UserDetailService user name; we just need to implement a self-us the definition of Bean to replace the default, since you can achieve our goals

Our configuration class as follows

@Configuration
public class SecurityAutoConfig {

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * 基于内存的认证方式
     *
     * @param passwordEncoder
     * @return
     */
    @Bean
    public UserDetailsService userDetailsService(PasswordEncoder passwordEncoder) {
        User.UserBuilder users = User.builder().passwordEncoder(passwordEncoder::encode);
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(users.username("1hui").password("123456").roles("guest").build());
        manager.createUser(users.username("2hui").password("666666").roles("manager").build());
        manager.createUser(users.username("3hui").password("root").roles("admin").build());
        return manager;
    }
}

3. Test

The above two methods can achieve authentication information stored in memory, then we enter the actual link, the first to write a http Interface

@RestController
public class IndexRest {

    public String getUser() {
        // 获取用户信息
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

        String userName;
        if (principal instanceof UserDetails) {
            userName = ((UserDetails) principal).getUsername();
        } else {
            userName = principal.toString();
        }
        return userName;
    }

    /**
     * @return
     */
    @GetMapping(path = {"/"})
    public String index() {
        return "hello this is index! welcome " + getUser();
    }
}

In the actual test sample, the above two are ok case, the following process is mainly based on the presentation given by way of a second

II. Other

0. series Bowen & Source Project

Hirofumi

• 191223-SpringBoot integration of the origin of articles SpringSecurity (zero)

Source

• Project: https://github.com/liuyueyi/spring-boot-demo
• Source: - https://github.com/liuyueyi/spring-boot-demo/tree/master/spring-security/001-authentication-mem-config - https://github.com/liuyueyi/spring-boot-demo / tree / master / spring-security / 001-authentication-mem-userdetail

1. A gray Blog

Believe everything the book is not as good, above, is purely one of the words, due to limited personal capacity, it is inevitable omissions and mistakes, such as find a bug or have better suggestions are welcome criticism and generous gratitude

Here a gray personal blog, recording all study and work in the blog, welcome to go around

• A gray Blog personal blog https://blog.hhui.top
• A gray Blog-Spring thematic blog http://spring.hhui.top