Created
December 11, 2018 03:18
-
-
Save qlong8807/a716a525d1a2cea86f4c0d4851066ce2 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import javax.sql.DataSource; | |
| import org.springframework.beans.factory.annotation.Autowired; | |
| import org.springframework.context.annotation.Bean; | |
| import org.springframework.context.annotation.Configuration; | |
| import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; | |
| import org.springframework.security.config.annotation.web.builders.HttpSecurity; | |
| import org.springframework.security.config.annotation.web.builders.WebSecurity; | |
| import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; | |
| import org.springframework.security.core.userdetails.UserDetailsService; | |
| import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | |
| import org.springframework.security.crypto.password.PasswordEncoder; | |
| /** | |
| * @desc 需要重写3个configure方法。 | |
| */ | |
| @Configuration | |
| //@EnableWebSecurity//SpringBoot下无需使用 | |
| public class SecurityConfig extends WebSecurityConfigurerAdapter { | |
| @Autowired | |
| DataSource dataSource; | |
| @Bean | |
| public UserDetailsService userDetailsService() { | |
| return new CustomUserDetailsService(); | |
| } | |
| /** | |
| * Security提供了密码加密类,可以用passwordEncoder.encode对密码进行加密,matches对密码进行判断匹配 | |
| * @return | |
| */ | |
| @Bean | |
| public PasswordEncoder passwordEncoder() { | |
| return new BCryptPasswordEncoder(); | |
| } | |
| /* | |
| * 重写该方法可以实现认证和授权 | |
| */ | |
| @Override | |
| protected void configure(AuthenticationManagerBuilder auth) throws Exception { | |
| // 1.内存中的用户,使用inMemoryAuthentication方法指定。 | |
| auth.inMemoryAuthentication().withUser("username").password("password").roles("login", "manage").and() | |
| .withUser("username1").password("password").roles("login", "manage"); | |
| // 2.JDBC用户。 | |
| auth.jdbcAuthentication().dataSource(dataSource); | |
| // 这句使用了Security默认的数据库表结构。默认语句查看:org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl | |
| // 3.JDBC自定义SQL | |
| auth.jdbcAuthentication().dataSource(dataSource) | |
| .usersByUsernameQuery("select username,password,true from sys_user where username=?") | |
| .authoritiesByUsernameQuery("select username,role from sys_roles where username=?"); | |
| // 4.自定义实现UserDetailsService接口 | |
| auth.userDetailsService(userDetailsService()); | |
| } | |
| @Override | |
| protected void configure(HttpSecurity http) throws Exception { | |
| http.formLogin() // 定义当需要用户登录时候,转到的登录页面。 | |
| .loginPage("/login.html") // 设置登录页面 | |
| .loginProcessingUrl("/user/login") // 自定义的登录接口 | |
| .and().logout().permitAll() | |
| .and().authorizeRequests() // 定义哪些URL需要被保护、哪些不需要被保护 | |
| .antMatchers("/login.html").permitAll() // 设置所有人都可以访问登录页面 | |
| .anyRequest() // 任何请求,登录后可以访问 | |
| .authenticated().and().csrf().disable(); // 关闭csrf防护 | |
| } | |
| @Override | |
| public void configure(WebSecurity web) throws Exception { | |
| // TODO Auto-generated method stub | |
| super.configure(web); | |
| } | |
| } | |
| //UserDetails配置类。 | |
| import java.util.ArrayList; | |
| import java.util.List; | |
| import org.springframework.beans.factory.annotation.Autowired; | |
| import org.springframework.security.core.GrantedAuthority; | |
| import org.springframework.security.core.authority.SimpleGrantedAuthority; | |
| import org.springframework.security.core.userdetails.User; | |
| import org.springframework.security.core.userdetails.UserDetails; | |
| import org.springframework.security.core.userdetails.UserDetailsService; | |
| import org.springframework.security.core.userdetails.UsernameNotFoundException; | |
| import com.baomidou.mybatisplus.mapper.EntityWrapper; | |
| import com.baomidou.mybatisplus.mapper.Wrapper; | |
| import com.xa.jans.entity.SysUser; | |
| import com.xa.jans.service.SysUserService; | |
| public class CustomUserDetailsService implements UserDetailsService{ | |
| @Autowired | |
| private SysUserService sysUserService; | |
| @Override | |
| public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { | |
| Wrapper<SysUser> wrapper = new EntityWrapper<SysUser>(); | |
| wrapper.eq("username", username); | |
| SysUser selectOne = sysUserService.selectOne(wrapper); | |
| List<GrantedAuthority> authorities = new ArrayList<>(); | |
| authorities.add(new SimpleGrantedAuthority("")); | |
| return new User(username, selectOne.getPassword(), authorities); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
添加thymeleaf的security支持。
thymeleaf页面支持security标签:
<div sec:authorize="hasRole('ROLE1')"></div>