詳解Springboot2.3整合Spring security 框架(原生整合)
阿新 • • 發佈:2020-08-13
0、pom
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.3.0.RELEASE</version> <relativePath/> <!-- lookup parent from repository --> </parent> <groupId>com.jack</groupId> <artifactId>demo</artifactId> <version>0.0.1-SNAPSHOT</version> <packaging>war</packaging> <name>demo</name> <description>Demo project for Spring Security</description> <properties> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-tomcat</artifactId> <scope>provided</scope> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> <exclusions> <exclusion> <groupId>org.junit.vintage</groupId> <artifactId>junit-vintage-engine</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-test</artifactId> <scope>test</scope> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build> </project>
1、SpringSecurityConfig(security配置)
// 手動定義使用者認證 和 // 關聯使用者Service認證 二者取一
這裡測試用的是 手動定義使用者認證!!!
package com.jack.demo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
/**
* @program: demo
* @description: Security 配置
* @author: Jack.Fang
* @date:2020-06-01 1541
**/
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private MyUserService myUserService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// 手動定義使用者認證
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()).withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("ADMIN");
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()).withUser("jack").password(new BCryptPasswordEncoder().encode("fang")).roles("USER");
// 關聯使用者Service認證
//auth.userDetailsService(myUserService).passwordEncoder(new MyPasswordEncoder());
// 預設jdbc認證
// auth.jdbcAuthentication().usersByUsernameQuery("").authoritiesByUsernameQuery("").passwordEncoder(new MyPasswordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").permitAll()
.anyRequest().authenticated()
.and()
.logout().permitAll()
.and()
.formLogin();
http.csrf().disable();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/js/**","/css/**","/image/**");
}
}2、MyPasswordEncoder(自定義密碼比較)
package com.jack.demo;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @program: demo
* @description: 密碼加密
* @author: Jack.Fang
* @date:2020-06-01 1619
**/
public class MyPasswordEncoder implements PasswordEncoder {
@Override
public String encode(CharSequence charSequence) {
return new BCryptPasswordEncoder().encode(charSequence.toString());
}
@Override
public boolean matches(CharSequence charSequence,String s) {
return new BCryptPasswordEncoder().matches(charSequence,s);
}
}3、MyUserService(自行實現的使用者登入介面)
具體內容 省略。這裡測試用的是SpringSecurityConfig手動新增使用者名稱與密碼。
package com.jack.demo;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
/**
* @program: demo
* @description: 使用者
* @author: Jack.Fang
* @date:2020-06-01 1617
**/
@Component
public class MyUserService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
return null;
}
}
4、啟動類(測試)
DemoApplication.java
package com.jack.demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PreFilter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
@EnableGlobalMethodSecurity(prePostEnabled = true)
@RestController
@SpringBootApplication
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class,args);
}
@RequestMapping("/")
public String index(){
return "hello Spring Security!";
}
@RequestMapping("/hello")
public String hello(){
return "hello !";
}
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping("/roleAdmin")
public String role() {
return "admin auth";
}
@PreAuthorize("#id<10 and principal.username.equals(#username) and #user.username.equals('abc')")
@PostAuthorize("returnObject%2==0")
@RequestMapping("/test")
public Integer test(Integer id,String username,User user) {
// ...
return id;
}
@PreFilter("filterObject%2==0")
@PostFilter("filterObject%4==0")
@RequestMapping("/test2")
public List<Integer> test2(List<Integer> idList) {
// ...
return idList;
}
}
測試hello介面(http://localhost:8080/hello)
未登入跳轉登入頁
登入SpringSecurityConfig配置的admin賬號與密碼123456
成功呼叫hello
測試roleAdmin(登入admin 123456成功,登入jack fang訪問則失敗)
登出 logout
到此這篇關於詳解Springboot2.3整合Spring security 框架(原生整合)的文章就介紹到這了,更多相關Springboot2.3整合Spring security 內容請搜尋我們以前的文章或繼續瀏覽下面的相關文章希望大家以後多多支援我們!