First, I need to declare the xml file. I want to customize the user's authentication type, that is, I want to own query from the database
<HTTP pattern = "/ *. HTML" Security = "none" />
<HTTP pattern = "/ CSS / **" Security = "none" />
<HTTP pattern = "/ IMG / **" Security = "none "/>
<HTTP pattern =" / JS / ** "Security =" none "/>
<HTTP pattern =" / plugins / ** "Security =" none "/>
<HTTP pattern =" / Seller / add.do "Security =" none "/>
<- use-expressions:! set whether to activate SpEL expression, the default value is true. ->
<HTTP-use Expressions = "false">
<-!
Configuration SpringSecurity intercept path (blocking rules)
* pattern: configure blocking rules. / * Represents all resources under the root path (does not include sub-path) / * represents all of the resources under the root path (sub path included)
* Access:
Open forms authentication
username-the Parameter = "username"
password-the Parameter = "password"
the Login-Page: login page names begin with /
default-target-url: login page after a successful jump
path submitted: login-processing-url set default "/ login" can be modified
->
<Login Login-Page-form = "/ shoplogin.html" default-target-URL = "/ ADMIN / index.html" Always-use-default-target = "to true "authentication-failure-URL =" / shoplogin.html "/>
<-! checksums do not use csrf ->
<csrf = Disabled" to true "/>
<-! configuration does not intercept the page frame ->
< headers>
<Frame-Options Policy = "SAMEORIGIN" />
</ headers>
<-! cancellation of Configuration ->
<logout logout-url="/logout" logout-success-url="/shoplogin.html" />
</http>
<!-- 配置认证管理器 -->
<authentication-manager>
<!-- 认证的提供者 -->
<authentication-provider user-service-ref="userDetailService">
<password-encoder ref="passwordEncoder"></password-encoder>
</authentication-provider>
</authentication-manager>
<!-- 配置自定义的认证类 -->
<beans:bean id="userDetailService" class="com.qingmu2.core.service.UserDetailServiceImpl">
<beans:property name="sellerService" ref="sellerService"></beans:Property>
<- encryption algorithm when using BCryptPasswordEncoder ->!
</ Beans: bean>
<beans:bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
After completion of the custom profile, the need to customize the authentication module implemented class
UserDetailsService
package com.qingmu2.core.service; import com.alibaba.dubbo.config.annotation.Reference; import com.qingmu2.core.pojo.seller.Seller; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.List; /** * 自定义的认证类 * @Auther:qingmu * @Description:脚踏实地,只为出人头地 * @Date:Created in 8:33 2019/5/31 */ public class UserDetailServiceImpl implements UserDetailsService { private SellerService sellerService; public UserDetailServiceImpl() { } @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { Seller Seller = sellerService.findOne (username); IF ( null ! = Seller) { // determine whether a business is audited by. IF ( "1" .equals (seller.getStatus ())) { // create a collection, storing permissions for HashSet <the GrantedAuthority> Authorities = new new HashSet <> (); authorities.add ( new new SimpleGrantedAuthority ( "ROLE_SELLER" )); // this information back to the user authentication based return new new the user (username, seller.getPassword (), Authorities); } } //没有这个用户,则返回null return null; } public UserDetailServiceImpl(SellerService sellerService) { this.sellerService = sellerService; } public SellerService getSellerService() { return sellerService; } public void setSellerService(SellerService sellerService) { this.sellerService = sellerService; } }