First, I need to declare the xml file. I want to customize the user's authentication type, that is, I want to own query from the database
<HTTP pattern = "/ *. HTML" Security = "none" /> <HTTP pattern = "/ CSS / **" Security = "none" /> <HTTP pattern = "/ IMG / **" Security = "none "/> <HTTP pattern =" / JS / ** "Security =" none "/> <HTTP pattern =" / plugins / ** "Security =" none "/> <HTTP pattern =" / Seller / add.do "Security =" none "/> <- use-expressions:! set whether to activate SpEL expression, the default value is true. -> <HTTP-use Expressions = "false"> <-! Configuration SpringSecurity intercept path (blocking rules) * pattern: configure blocking rules. / * Represents all resources under the root path (does not include sub-path) / * represents all of the resources under the root path (sub path included) * Access: Open forms authentication username-the Parameter = "username" password-the Parameter = "password" the Login-Page: login page names begin with / default-target-url: login page after a successful jump path submitted: login-processing-url set default "/ login" can be modified -> <Login Login-Page-form = "/ shoplogin.html" default-target-URL = "/ ADMIN / index.html" Always-use-default-target = "to true "authentication-failure-URL =" / shoplogin.html "/> <-! checksums do not use csrf -> <csrf = Disabled" to true "/> <-! configuration does not intercept the page frame -> < headers> <Frame-Options Policy = "SAMEORIGIN" /> </ headers> <-! cancellation of Configuration -> <logout logout-url="/logout" logout-success-url="/shoplogin.html" /> </http> <!-- 配置认证管理器 --> <authentication-manager> <!-- 认证的提供者 --> <authentication-provider user-service-ref="userDetailService"> <password-encoder ref="passwordEncoder"></password-encoder> </authentication-provider> </authentication-manager> <!-- 配置自定义的认证类 --> <beans:bean id="userDetailService" class="com.qingmu2.core.service.UserDetailServiceImpl"> <beans:property name="sellerService" ref="sellerService"></beans:Property> <- encryption algorithm when using BCryptPasswordEncoder ->! </ Beans: bean> <beans:bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
After completion of the custom profile, the need to customize the authentication module implemented class
UserDetailsService
package com.qingmu2.core.service; import com.alibaba.dubbo.config.annotation.Reference; import com.qingmu2.core.pojo.seller.Seller; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.List; /** * 自定义的认证类 * @Auther:qingmu * @Description:脚踏实地,只为出人头地 * @Date:Created in 8:33 2019/5/31 */ public class UserDetailServiceImpl implements UserDetailsService { private SellerService sellerService; public UserDetailServiceImpl() { } @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { Seller Seller = sellerService.findOne (username); IF ( null ! = Seller) { // determine whether a business is audited by. IF ( "1" .equals (seller.getStatus ())) { // create a collection, storing permissions for HashSet <the GrantedAuthority> Authorities = new new HashSet <> (); authorities.add ( new new SimpleGrantedAuthority ( "ROLE_SELLER" )); // this information back to the user authentication based return new new the user (username, seller.getPassword (), Authorities); } } //没有这个用户,则返回null return null; } public UserDetailServiceImpl(SellerService sellerService) { this.sellerService = sellerService; } public SellerService getSellerService() { return sellerService; } public void setSellerService(SellerService sellerService) { this.sellerService = sellerService; } }