SpringSecurity常见用法备忘
Posted 星时代曹波涛
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了SpringSecurity常见用法备忘相关的知识,希望对你有一定的参考价值。
package com.botao.securitydemo1.config;
import com.botao.securitydemo1.Service.UserService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import java.util.ArrayList;
import java.util.Collection;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
/**
* 请求授权的规则
*/
http.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/a/**").hasRole("vip1")
.antMatchers("/b/**").hasRole("vip2")
.antMatchers("/c/**").hasRole("vip3").anyRequest().authenticated();
http.formLogin();
//登录
//http.formLogin().loginPage("/login").loginProcessingUrl("/check").usernameParameter("username").passwordParameter("psw");
//退出
//http.logout().logoutUrl("/logout").logoutSuccessUrl("/").permitAll();
//记住我
//http.rememberMe().rememberMeParameter("remember");
//关闭csrf
http.csrf().disable();
//没有权限就进xxx.html(403)
//http.exceptionHandling().accessDeniedPage("/xxx.html");
}
//认证
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("a").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1")
.and()
.withUser("b").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2")
.and()
.withUser("c").password(new BCryptPasswordEncoder().encode("123456")).roles("ivp3")
.and()
.withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1", "vip2", "vip3");
}
}
以上是关于SpringSecurity常见用法备忘的主要内容,如果未能解决你的问题,请参考以下文章