Spring Security开发安全的REST服务之项目搭建
Posted 沸羊羊一个
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Spring Security开发安全的REST服务之项目搭建相关的知识,希望对你有一定的参考价值。
前言
实现达到的效果:
1、深入理解Spring Security及相关框架的原理、功能和代码。
2、可以基于Spring Security及相关框架独立开发认证授权相关功能。
3、掌握抽象和封装的常用技巧,可以编写可重用的模块供他人使用。
涉及的三个spring项目:
项目搭建
1、代码结构
2、构建maven项目
具体maven项目的构建在这里不多说了,非常简单。可以参考这篇文章IntelliJ IDEA创建maven多模块项目 ,按照上面的代码结构构建。搭建好的项目如下:
3、配置pom依赖
3.1、配置主模块依赖
immoc-security pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.immoc.security</groupId>
<artifactId>immoc-seccurity</artifactId>
<packaging>pom</packaging>
<version>1.0-SNAPSHOT</version>
<!--版本变量-->
<properties>
<imooc.security.version>1.0-SNAPSHOT</imooc.security.version>
</properties>
<dependencyManagement>
<dependencies>
<!--spring io 用于管理maven依赖的版本-->
<dependency>
<groupId>io.spring.platform</groupId>
<artifactId>platform-bom</artifactId>
<version>Brussels-SR6</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<!---引入spring cloud,注意选择的是ga版本-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Dalston.SR5</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<!--编译插件-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.3.2</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
</plugins>
</build>
<!--引入子模块-->
<modules>
<module>immoc-security-code</module>
<module>immoc-security-app</module>
<module>immoc-security-browser</module>
<module>immoc-security-demo</module>
</modules>
</project>
3.2、子模块immoc-security-code的依赖
immoc-security-code pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>immoc-security-code</artifactId>
<parent>
<artifactId>immoc-seccurity</artifactId>
<groupId>com.immoc.security</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<dependencies>
<!--用于引入spring security相关的包和oauth jar-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<!--redis存储-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<!--jdbc存储-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<!--mysql 驱动-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<!--引入spring social 相关包,可用于第三方登录-->
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-socail-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-web</artifactId>
</dependency>
<!--引入jdk工具包-->
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
</dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
</dependency>
</dependencies>
</project>
3.3、子模块immoc-security-app依赖
immoc-security-app pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>immoc-seccurity</artifactId>
<groupId>com.immoc.security</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>immoc-security-app</artifactId>
<!--引入imooc-security-code子模块-->
<dependencies>
<dependency>
<groupId>com.immoc.security</groupId>
<artifactId>immoc-security-demo</artifactId>
<version>$imooc.security.version</version>
</dependency>
</dependencies>
</project>
3.4、子模块immoc-security-browser依赖
immoc-security-browser pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>immoc-seccurity</artifactId>
<groupId>com.immoc.security</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>immoc-security-browser</artifactId>
<dependencies>
<!--引入imooc-security-code子模块-->
<dependency>
<groupId>com.immoc.security</groupId>
<artifactId>immoc-security-code</artifactId>
<version>$imooc.security.version</version>
</dependency>
<!--引入session-->
<dependency>
<groupId>org.springframework.session</groupId>
<artifactId>spring-session</artifactId>
</dependency>
</dependencies>
</project>
3.5、子模块immoc-security-demo依赖
immoc-security-demo pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>immoc-seccurity</artifactId>
<groupId>com.immoc.security</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>immoc-security-demo</artifactId>
<dependencies>
<!--引入imooc-security-browser子模块-->
<dependency>
<groupId>com.immoc.security</groupId>
<artifactId>immoc-security-browser</artifactId>
<version>$imooc.security.version</version>
</dependency>
</dependencies>
<build>
<plugins>
<!--打包的插件-->
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>1.3.3.RELEASE</version>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
<finalName>demo</finalName><!--打包后的jar名称-->
</build>
</project>
4、Hello Spring Security
初步环境已搭建好,下面编写hello测试。
immoc-security-demo模块下新建DemoApplication类测试:
package com.immoc;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* Created by zhixinhua on 18/1/20.
*/
@SpringBootApplication
@RestController
public class DemoApplication
public static void main(String[] args)
SpringApplication.run(DemoApplication.class,args);
@GetMapping("/hello")
public String hello()
return "hello spring security!";
好了,总于可以跑起来了试试……
很遗憾,跑起来就抛出如下错误:
问题一:没有配置数据库链接
ok,那就配置数据库链接吧,新建application.properties(噢噢,当然要先创建数据库,这里就不详细说了)
application.properties
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://127.0.0.1:3306/springsecurity?useUnicode=true&characterEncoding=UTF-8
spring.datasource.username=root
spring.datasource.password=123456
问题二:由于在immoc-security-browser模块下加入了 集群环境下session的管理,所以报没有配置spring session存储管理。
目前我们暂时没有用到,先关闭。在application.properties中添加:
spring.session.store-type=none
到此,终于控制台没有报错了。访问http://localhost:7070/hello ,给我们弹出身份验证。
………用户名、密码是什么?????? 我现在也不知道,好吧!关掉它!!!
在application.properties中添加关闭基本的鉴权:
security.basic.enabled=false
重新启动,大功告成!!
完整的application.properties
#连数据连接配置
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://127.0.0.1:3306/springsecurity?useUnicode=true&characterEncoding=UTF-8
spring.datasource.username=root
spring.datasource.password=123456
#不需将session放入redis
spring.session.store-type=none
#关闭基本的鉴权
security.basic.enabled=false
#配置端口
server.port=7070
5、也可以使用maven把项目打包发布
5.1、immoc-security-demo的pom添加打包插件
<build>
<plugins>
<!--打包的插件-->
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>1.3.3.RELEASE</version>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
<finalName>demo</finalName><!--打包后的jar名称-->
</build>
5.2、maven 命令clean package运行项目
IntelliJ IDEA运行maven程序可参考IntelliJ IDEA 14 如何运行maven程序。
打包后可以看到immoc-security-demo target目录下多了demo.jar和demo.jar.original
5.3、执行demo.jar
切换到demo.jar所在目录,执行“java -jar demo.jar“,启动项目。
启动成功后即可访问。
项目搭建已完成,待续。。。。。。。
以上是关于Spring Security开发安全的REST服务之项目搭建的主要内容,如果未能解决你的问题,请参考以下文章
Spring(Websockets / REST / Security)、JWT 和 Sockjs(Stomp)集成
Spring MVC 和 Spring REST 的 Spring Security
SpringCloud - Spring Cloud 之 Security服务安全机制(二十)
从移动设备登录 Spring Security、Rest api 和 Facebook
Spring boot:无法从另一个 Origin 访问安全资源 - CORS - Spring Security - Spring data rest