SpringBoot-----Security程式安全配置模組
阿新 • • 發佈:2018-12-04
1、建立microcloud-security安全模組,提高程式碼的複用性
pom.xml
<?xml version="1.0"?> <project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>com.zemel</groupId> <artifactId>microcloud</artifactId> <version>1.0.0</version> </parent> <artifactId>microcloud-security</artifactId> <name>microcloud-security</name> <url>http://maven.apache.org</url> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> </dependencies> </project>
WebSecurityConfig.java繼承WebSecurityConfigurerAdapter.java
package com.zemel.security.config; import javax.annotation.Resource; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; @Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Resource public void configGloabl(AuthenticationManagerBuilder auth)throws Exception{ auth.inMemoryAuthentication().withUser("wendy").password("wendy").roles("USER") .and().withUser("admin").password("hello").roles("USER", "ADMIN"); } @Override protected void configure(HttpSecurity http) throws Exception { // 表示所有的訪問都必須認證,認證處理後才可以正常進行 http.httpBasic().and().authorizeRequests().anyRequest().fullyAuthenticated(); // 所有的rest服務一定要設定為無狀態,以提升操作效率和效能 http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); } }
3、在其他服務提供端匯入該依賴即可