Spring Security學(xué)習(xí)筆記(一)
介紹
這里學(xué)習(xí)SpringSecurity,對(duì)SpringSecurity進(jìn)行學(xué)習(xí)。
基本用法
添加依賴
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId></dependency>
添加接口
package com.example.demo.web;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RestController;@RestController@RequestMapping('/test')public class Test { @RequestMapping('/test') public String test(){ return 'test'; }}
啟動(dòng)項(xiàng)目
可以看到日志中,已經(jīng)有了密碼
訪問(wèn)接口,此時(shí)已經(jīng)有了登錄頁(yè)面
輸入用戶名和密碼
用戶名: user密碼 984cccf2-ba82-468e-a404-7d32123d0f9c
此時(shí)已經(jīng)登錄成功
配置用戶名和密碼
在配置文件中,進(jìn)行配置
spring:security:user:name: mingpassword: 123456roles: admin
輸入用戶名和密碼,可以正常登錄
基于內(nèi)存的認(rèn)證
需要自定義類繼承 WebSecurityConfigurerAdapter實(shí)現(xiàn)自定義的配置這里基于內(nèi)存的配置,如下
package com.example.demo.config;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.password.NoOpPasswordEncoder;import org.springframework.security.crypto.password.PasswordEncoder;@Configurationpublic class MyWebSecurityConfig extends WebSecurityConfigurerAdapter { @Bean PasswordEncoder passwordEncoder(){ return NoOpPasswordEncoder.getInstance(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser('admin').password('123').roles('admin'); }}
這里基于內(nèi)存的配置
HttpSecurity
這里對(duì)某些方法進(jìn)行攔截
package com.ming.demo.interceptor;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.http.HttpMethod;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;import org.springframework.security.crypto.password.PasswordEncoder;import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;@Configuration@EnableWebSecuritypublic class SecurityConfig extends WebSecurityConfigurerAdapter { //基于內(nèi)存的用戶存儲(chǔ) @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser('itguang').password('123456').roles('USER').and().withUser('admin').password('{noop}' + '123456').roles('ADMIN'); } //請(qǐng)求攔截 @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().permitAll().and().formLogin().permitAll().and().logout().permitAll(); }}
這里成功完成了post請(qǐng)求進(jìn)行登錄驗(yàn)證。
以上就是Spring Security學(xué)習(xí)筆記(一)的詳細(xì)內(nèi)容,更多關(guān)于Spring Security的資料請(qǐng)關(guān)注好吧啦網(wǎng)其它相關(guān)文章!
相關(guān)文章:
1. .NET中l(wèi)ambda表達(dá)式合并問(wèn)題及解決方法2. JSP數(shù)據(jù)交互實(shí)現(xiàn)過(guò)程解析3. 淺談python出錯(cuò)時(shí)traceback的解讀4. 利用promise及參數(shù)解構(gòu)封裝ajax請(qǐng)求的方法5. Python importlib動(dòng)態(tài)導(dǎo)入模塊實(shí)現(xiàn)代碼6. python matplotlib:plt.scatter() 大小和顏色參數(shù)詳解7. windows服務(wù)器使用IIS時(shí)thinkphp搜索中文無(wú)效問(wèn)題8. ASP 信息提示函數(shù)并作返回或者轉(zhuǎn)向9. 在Android中使用WebSocket實(shí)現(xiàn)消息通信的方法詳解10. Nginx+php配置文件及原理解析
網(wǎng)公網(wǎng)安備