配置Spring Security的登入使用者密碼的三種方式
阿新 • • 發佈:2021-02-06
在這之前所需要的依賴以及其他配置
maven依賴
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId >org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId >
<version>2.0.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</ dependency>
其他配置
server.port=8081
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.suffix=.html
index頁面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
hello security
</body>
</html>
控制器
@Controller
@RequestMapping("/test")
public class TestController {
@RequestMapping("/index")
public String index(){
return "index";
}
}
方式一:通過配置檔案配置使用者和密碼
#方式一:配置配置檔案
spring.security.user.name=zhangsan
spring.security.user.password=zhangsan
執行效果:
方式二:通過配置類繼承WebSecurityConfigurerAdapter重寫其中configure(WebSecurity web)方法
注意:在配置密碼時要加密需要使用PasswordEncoder來對密碼進行加密,否則會報錯,錯誤如下
java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
配置類:
/**
* 方式二:通過配置類繼承WebSecurityConfigurerAdapter重寫其中configure(WebSecurity web)方法
* 注意:在配置密碼時要加密需要使用PasswordEncoder來對密碼進行加密,否則會報錯,錯誤如下
* java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
public void configure(AuthenticationManagerBuilder auth) throws Exception {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String passw = passwordEncoder.encode("123");
auth.inMemoryAuthentication().withUser("lisi").password("123").roles("admin");
//也可通過jdbc獲取使用者密碼
//auth.jdbcAuthentication()
}
@Bean
public PasswordEncoder encoder(){
return new BCryptPasswordEncoder();
}
}
執行結果
方式三:通過UserDetailsService自定義實現類設定(比較經常使用)
**第一步:建立配置類,配置使用那個UserDetailsService **
/**
* 方式三:通過UserDetailsService自定義實現類設定
*/
@Configuration
public class SecurityConfigTest extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(encoder());
}
@Bean
public PasswordEncoder encoder(){
return new BCryptPasswordEncoder();
}
}
第二步:實現UserDetailsService類
@Service("userDetailsService")
public class MyUserDetailsService implements Use![在這裡插入圖片描述](https://img-blog.csdnimg.cn/20210113095204779.gif#pic_center)
rDetailsService {
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
List<GrantedAuthority> auths = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
//許可權不能為空,一般是從資料庫中讀取
return new User("zhaoliu",new BCryptPasswordEncoder().encode("abcde"),auths);
}
}
執行效果: