spring-security安全登录

Posted 2020-11-23 孤独的根号er

1）修改pom.xml ，添加依赖

 <!-- 身份验证 -->

<dependency>

<groupId>org.springframework.security</groupId>

<artifactId>spring-security-web</artifactId>

</dependency>

<dependency>

<groupId>org.springframework.security</groupId>

<artifactId>spring-security-config</artifactId>

</dependency>

（2）修改web.xml

<context-param>

<param-name>contextConfigLocation</param-name>

<param-value>classpath:spring/spring-security.xml</param-value>

 </context-param>

 <listener>

<listener-class>

org.springframework.web.context.ContextLoaderListener

</listener-class>

 </listener>

 <filter>  

<filter-name>springSecurityFilterChain</filter-name>   <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>  

 </filter>  

 <filter-mapping>  

<filter-name>springSecurityFilterChain</filter-name>  

<url-pattern>/*</url-pattern>  

 </filter-mapping>

 

（3）spring目录下添加配置文件spring-security.xml

<!-- 以下页面不被拦截 -->

<http pattern="/login.html" security="none"></http>

<http pattern="/css/**" security="none"></http>

<http pattern="/img/**" security="none"></http>

<http pattern="/js/**" security="none"></http>

<http pattern="/plugins/**" security="none"></http>

 

<!-- 页面拦截规则 -->

<http use-expressions="false">

<intercept-url pattern="/*" access="ROLE_ADMIN" />

<form-login login-page="/login.html"  default-target-url="/admin/index.html" authentication-failure-url="/login.html" always-use-default-target="true"/>

<csrf disabled="true"/>

<headers>

<frame-options policy="SAMEORIGIN"/>

</headers>

</http>

 

<!-- 认证管理器 -->

<authentication-manager>

<authentication-provider>

<user-service>

<user name="admin" password="123456" authorities="ROLE_ADMIN"/>

<user name="sunwukong" password="dasheng" authorities="ROLE_ADMIN"/>

</user-service>

</authentication-provider>

</authentication-manager>

 

2.2.2登录页面

修改XXXX-web的 login.html

<form id="loginform" action="/login" method="post"  class="sui-form">

<div class="input-prepend"><span class="add-on loginname"></span>

<input id="prependedInput"  name="username" type="text" placeholder="邮箱/用户名/手机号" class="span2 input-xfat">

</div>

<div class="input-prepend"><span class="add-on loginpwd"></span>

<input id="prependedInput"  name="password" type="password" placeholder="请输入密码" class="span2 input-xfat">

</div>

<div class="setting">

<div id="slider">

<div id="slider_bg"></div>

<span id="label">>></span> <span id="labelTip">拖动滑块验证</span>

</div>

</div>

<div class="logined">

<a class="sui-btn btn-block btn-xlarge btn-danger" onclick="document:loginform.submit()" target="_blank">登  录</a>

</div>

</form>

2.3.1后端代码

在youlexuan-manager-web新建LoginController.java

package com.youlexuan.sellergoods.controller; import java.util.HashMap; import java.util.Map; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController @RequestMapping("/login") public class LoginController { @RequestMapping("name") public Map name(){ String name=SecurityContextHolder.getContext() .getAuthentication().getName(); Map map=new HashMap(); map.put("loginName", name); return map ; } }

2.3.2前端代码

（1）新建loginService.js

//登陆服务层 app.service(‘loginService‘,function($http){ //读取登录人名称 this.loginName=function(){ return $http.get(‘../login/name.do‘); } });

（2）新建indexController.js

app.controller(‘indexController‘ ,function($scope,$controller   ,loginService){     //读取当前登录人   $scope.showLoginName=function(){ loginService.loginName().success( function(response){ $scope.loginName=response.loginName; } ); }     });

index.html页面上引入JS

<script type="text/javascript" src="../plugins/angularjs/angular.min.js"></script> <script type="text/javascript" src="../js/base.js"></script> <script type="text/javascript" src="../js/service/loginService.js"></script> <script type="text/javascript" src="../js/controller/indexController.js"></script>

指令

<body class="hold-transition skin-green sidebar-mini"  ng-app="youlexuan" ng-controller="indexController" ng-init="showLoginName ()">