springboot security

开启security过滤支持：

建立一个初始化类继承

AbstractSecurityWebApplicationInitializer

在配置类中添加@EnableWebSecutity 注解。

 

配置认证与受权：

继承 WebSecurityConfigurerAdapter

实现configure 方法

configure(AuthenticationManagerBuilder auth)

针对用户管理（用户来源，用户密码效验规则）

configure(HttpSecurity http)

请求拦截。

 

自定义数据源：

实现 UserDetailsService 接口

重写加载用户的方法：

@Service
public class SysUserServiceImpl implements UserDetailsService, SysUserService {
    @Autowired
    SysUserRepo repo;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        SysUser user = repo.findByName(username);
　　　　　
        if(user==null){
            throw  new UsernameNotFoundException("用户不存在");
        }
        return user;
    }
}

注册bean

@Bean
    public UserDetailsService userDetailsService(){
        return new SysUserServiceImpl();
    }

 

用户受权配置

@Override
    protected void configure(HttpSecurity http) throws Exception {
//        super.configure(http);
        // http 用户受权请求
        http.authorizeRequests()
//                .antMatchers("/admin/**")
//                .hasAnyRole("ROLE_ADMIN")
                // 任何请求进行受权验证
                .anyRequest().authenticated()
                .and()
                // 登陆注册
                .formLogin()
                .loginPage("/login")
                .failureUrl("/login?error")
                .permitAll()
                .and()
                .logout().permitAll();
    }

 

springboot 添加依赖：

implementation 'org.springframework.boot:spring-boot-starter-security'

经过实体类实现UserDetails接口，并重写获取受权方法，而且新建一个实现UserDetailsService 的类，并注册bean

getAuthorities

package com.duoke.demo.pojo;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import javax.persistence.*;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * 定义系统用户
 */
@Entity
public class SysUser implements UserDetails{
    @Id
    private String id;

    private String name;

    private String password;

    @ManyToMany(cascade = {CascadeType.REFRESH},fetch = FetchType.EAGER)
    private List<SysRole> roles;

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public List<SysRole> getRoles() {
        return roles;
    }

    public void setRoles(List<SysRole> roles) {
        this.roles = roles;
    }

    @Override
    // 添加用户叫角色受权信息
    public Collection<? extends GrantedAuthority> getAuthorities() {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        List<SysRole> roles = this.getRoles();
        for (SysRole role:roles) {
            authorities.add(new SimpleGrantedAuthority(role.getName()));
        }
        return authorities;
    }

    @Override
    public String getPassword() {
        return password;
    }

    @Override
    public String getUsername() {
        return null;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}