Spring Security動態認證使用者資訊
阿新 • • 發佈:2020-11-05
新建CustomUserDetailsService類
package com.mengxuegu.security; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Component; @Component("customUserDetailsService") public class CustomUserDetailsService implements UserDetailsService { Logger logger = LoggerFactory.getLogger(getClass()); @Autowired PasswordEncoder passwordEncoder; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { logger.info("請求認證的使用者名稱:"+username); //1.通過請求的使用者名稱去資料庫中查詢使用者資訊 if(!"meng".equalsIgnoreCase(username)){ throw new UsernameNotFoundException("使用者名稱或密碼錯誤"); } String password = passwordEncoder.encode("1234"); //2.查詢該使用者有哪些許可權 //3.封裝使用者資訊和許可權資訊 return new User(username,password, AuthorityUtils.commaSeparatedStringToAuthorityList("ADMIN")); } }
配置SpringSecurityConfig
package com.mengxuegu.security.config; import com.mengxuegu.security.properties.AuthenticationProperties; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; /** * alt+/ 導包 * ctrl+o 覆蓋 * @Auther: 夢學谷 www.mengxuegu.com */ @EnableWebSecurity // 開啟springsecurity過濾鏈 filter public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { Logger logger = LoggerFactory.getLogger(getClass()); @Autowired private AuthenticationProperties authenticationProperties; @Bean public PasswordEncoder passwordEncoder(){ // 明文+隨機鹽值-》加密儲存 return new BCryptPasswordEncoder(); } @Autowired UserDetailsService customUserDetailsService; /** * 認證管理器: * 1. 認證資訊(使用者名稱,密碼) * @param auth * @throws Exception */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { // String password = passwordEncoder().encode("123456"); // logger.info("加密之後儲存的密碼:"+password); // auth.inMemoryAuthentication().withUser("root").password(password).authorities("ADMIN"); auth.userDetailsService(customUserDetailsService); } /** * 資源許可權配置: * 1. 被攔截的資源 * @param http * @throws Exception */ @Override protected void configure(HttpSecurity http) throws Exception { System.out.println("使用者認證"); // http.httpBasic() // 採用 httpBasic認證方式 http.formLogin() // 表單登入方式 .loginPage(authenticationProperties.getLoginPage()) //配置登入頁面 .loginProcessingUrl(authenticationProperties.getLoginProcessingUrl()) //登入表單提交處理url,預設是/login .usernameParameter(authenticationProperties.getUsernameParameter()) .passwordParameter(authenticationProperties.getPasswordParameter()) .and() .authorizeRequests() // 認證請求 .antMatchers(authenticationProperties.getLoginPage()).permitAll() .anyRequest().authenticated() //所有訪問該應用的http請求都要通過身份認證才可以訪問 ; // 注意不要少了分號 } /** * 一般針對靜態資源放行 * @param web */ @Override public void configure(WebSecurity web) { web.ignoring().antMatchers(authenticationProperties.getStaticPaths()); } }