欢迎访问 生活随笔!
TAG聚合

生活随笔

当前位置: 首页 > 前端技术 > javascript >内容正文

javascript

Spring Security 应用详解 集成SpringBoot —— 简单入门

发布时间:2025/4/16 javascript 48 豆豆
生活随笔 收集整理的这篇文章主要介绍了 Spring Security 应用详解 集成SpringBoot —— 简单入门 小编觉得挺不错的,现在分享给大家,帮大家做个参考.

spring 容器配置

SpringBoot工程启动会自动扫描启动类所在包下的所有Bean,加载到spring容器。
1)Spring Boot配置文件
在resources下添加application.properties,内容如下:

application.properties

server.port=8080 server.servlet.context-path=/security-springboot spring.application.name = security-springbootspring.mvc.view.prefix=/WEB-INF/view/ spring.mvc.view.suffix=.jsp

2)Spring Boot 启动类

SecuritySpringBootApp.java

package com.dym.security.springboot;import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;@SpringBootApplication @EnableAutoConfiguration(exclude={DataSourceAutoConfiguration.class}) public class SecuritySpringBootApp {public static void main(String[] args) {SpringApplication.run(SecuritySpringBootApp.class,args);} }

Servlet Context配置
由于Spring boot starter自动装配机制,这里无需使用@EnableWebMvc与@ComponentScan,WebConfig如下

WebConfig.java

package com.dym.security.springboot.config;import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;@Configuration//就相当于springmvc.xml文件 public class WebConfig implements WebMvcConfigurer {@Overridepublic void addViewControllers(ViewControllerRegistry registry) {registry.addViewController("/").setViewName("redirect:/login");}}

安全配置
由于Spring boot starter自动装配机制,这里无需使用@EnableWebSecurity,WebSecurityConfig内容如下

WebSecurityConfig.java

package com.dym.security.springboot.config;import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.provisioning.InMemoryUserDetailsManager;@Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter {//定义用户信息服务(查询用户信息)@Beanpublic UserDetailsService userDetailsService(){InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();manager.createUser(User.withUsername("zhangsan").password("123").authorities("p1").build());manager.createUser(User.withUsername("lisi").password("456").authorities("p2").build());return manager;}//密码编码器@Beanpublic PasswordEncoder passwordEncoder(){return NoOpPasswordEncoder.getInstance();}//安全拦截机制(最重要)@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/r/r1").hasAuthority("p1").antMatchers("/r/r2").hasAuthority("p2").antMatchers("/r/**").authenticated()//所有/r/**的请求必须认证通过.anyRequest().permitAll()//除了/r/**,其它的请求可以访问.and().formLogin()//允许表单登录.successForwardUrl("/login-success");//自定义登录成功的页面地址} }

LoginController.java

package com.dym.security.springboot.controller;import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController;@RestController public class LoginController {@RequestMapping(value = "/login-success",produces = {"text/plain;charset=UTF-8"})public String loginSuccess(){return " 登录成功";}/*** 测试资源1* @return*/@GetMapping(value = "/r/r1",produces = {"text/plain;charset=UTF-8"})public String r1(){return " 访问资源1";}/*** 测试资源2* @return*/@GetMapping(value = "/r/r2",produces = {"text/plain;charset=UTF-8"})public String r2(){return " 访问资源2";} }

总结

以上是生活随笔为你收集整理的Spring Security 应用详解 集成SpringBoot —— 简单入门的全部内容,希望文章能够帮你解决所遇到的问题。

如果觉得生活随笔网站内容还不错,欢迎将生活随笔推荐给好友。