write in front
Since Spring Boot and Spring Cloud became popular, Spring Security has also dipped in the light!
In fact, I have always thought that Spring Security is a much better rights management framework than Shiro, but the heavyweight, cumbersome configuration, and high threshold have always plagued Spring Security developers and discouraged many beginners. Until Spring Boot came out, all these problems were alleviated.
In Spring Boot or Spring Cloud, if you want to choose a permissions management framework, there is almost no doubt that you choose Spring Security. Shiro has no advantage in this environment.
But the friends who want to learn Spring Security do not have a starting direction, or better learning materials. The editor recently discovered a set of Spring Security source code application manuals , which is really good, and I will share it with you now!
If you need a friend, you can send a private message to [0421]~
Spring Security Notes Part 1:
General Table of Contents
- 1. Case introduction
Note: For the convenience of teaching, a semi-finished back-end management system has been prepared for everyone here. If you want to improve the other part, you need to use the content we learned today, Spring Security.
- Second, the first understanding of rights management
Permission management generally refers to that according to the security rules or security policies set by the system, users can access and only access the resources they are authorized to. Authority management appears in almost any system, provided that a system with user and password authentication is required
3. Getting to know Spring Security for the first time
Spring Security is a security framework implemented by spring using AOP ideas and based on servlet filters. It provides a complete authentication mechanism and method-level authorization functions. It is a very good permission management framework.
Fourth, the Spring Security filter chain
A filter is a typical AOP idea. I won't go into details about what a filter is. Who doesn't know that any web project can use a filter? In this section, let's take a look at what these filters in Spring Security are used for.
5. Spring Security uses a custom authentication page
6. Spring Security uses database data to complete authentication
Spring Security Notes Part II
Content display
1. Set the user status
2. Log out
6. Dynamic display menu
Spring Security Notes Part 3 - Integrating SpringBoot
The third part mainly explains how SpringSecurity integrates the centralized and distributed versions of SpringBoot. Let's take a look at the directory first!
SpringSecurity integrates SpringBoot centralized version
SpringSecurity integrates SpringBoot distributed version
Spring Security Notes Part 4 - OAuth
The OAuth protocol provides a secure, open and simple standard for the authorization of user resources. The difference from the previous authorization method is that the authorization of OAuth will not allow the third party to access the user's account information (such as user name and password), that is, the third party can apply to obtain the user's resource without using the user's user name and password. authorization, so OAuth is secure. This note has an explanation of OAuth, let's look at the directory first!
Content display:
Summarize
The content of the information is too much, and the editor does not show the details. The friends who need it can send a private message to [0421]~