Spring Security学习笔记(一)
介绍
这里学习SpringSecurity,对SpringSecurity进行学习。
基本用法
添加依赖
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId></dependency>
添加接口
package com.example.demo.web;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RestController;@RestController@RequestMapping('/test')public class Test { @RequestMapping('/test') public String test(){ return 'test'; }}
启动项目
可以看到日志中,已经有了密码
访问接口,此时已经有了登录页面
输入用户名和密码
用户名: user密码 984cccf2-ba82-468e-a404-7d32123d0f9c
此时已经登录成功
配置用户名和密码
在配置文件中,进行配置
spring:security:user:name: mingpassword: 123456roles: admin
输入用户名和密码,可以正常登录
基于内存的认证
需要自定义类继承 WebSecurityConfigurerAdapter实现自定义的配置这里基于内存的配置,如下
package com.example.demo.config;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.password.NoOpPasswordEncoder;import org.springframework.security.crypto.password.PasswordEncoder;@Configurationpublic class MyWebSecurityConfig extends WebSecurityConfigurerAdapter { @Bean PasswordEncoder passwordEncoder(){ return NoOpPasswordEncoder.getInstance(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser('admin').password('123').roles('admin'); }}
这里基于内存的配置
HttpSecurity
这里对某些方法进行拦截
package com.ming.demo.interceptor;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.http.HttpMethod;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;import org.springframework.security.crypto.password.PasswordEncoder;import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;@Configuration@EnableWebSecuritypublic class SecurityConfig extends WebSecurityConfigurerAdapter { //基于内存的用户存储 @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser('itguang').password('123456').roles('USER').and().withUser('admin').password('{noop}' + '123456').roles('ADMIN'); } //请求拦截 @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().permitAll().and().formLogin().permitAll().and().logout().permitAll(); }}
这里成功完成了post请求进行登录验证。
以上就是Spring Security学习笔记(一)的详细内容,更多关于Spring Security的资料请关注好吧啦网其它相关文章!
相关文章:
1. JXTA Java标准版本 2.3.7 发布2. JS实现手写 forEach算法示例3. PHP设计模式之迭代器模式浅析4. 用css截取字符的几种方法详解(css排版隐藏溢出文本)5. Spring FreeMarker整合Struts2过程详解6. Android Studio3.6新特性之视图绑定ViewBinding使用指南7. Pycharm中安装wordcloud等库失败问题及终端通过pip安装的Python库如何添加到Pycharm解释器中(推荐)8. python b站视频下载的五种版本9. ASP.NET MVC使用正则表达式验证手机号码10. vue学习笔记之slot插槽用法实例分析
网公网安备