3 spring boot security 加密版本
阿新 • • 發佈:2019-01-07
接著第2篇
(1)將WebSecurityConfig修改為
package com.example.chenweb1.config; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @Configuration @EnableWebSecurity // 註解開啟Spring Security的功能 //WebSecurityConfigurerAdapter:重寫它的方法來設定一些web的安全西街 public class WebSecurityConfig extends WebSecurityConfigurerAdapter { /* @Bean public static NoOpPasswordEncoder passwordEncoder() { return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance(); } */ @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() //定義哪些url需要保護,哪些url不需要保護 .antMatchers("/chen", "/message/").permitAll() //定義不需要認證就可以訪問 .anyRequest().authenticated() .and() .formLogin() .loginPage("/login") //定義當需要使用者登入時候,轉到的登入頁面 .permitAll() .and() .logout() .permitAll(); http.csrf().disable(); http.formLogin().defaultSuccessUrl("/index"); } @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { BCryptPasswordEncoder passwordEncoder =new BCryptPasswordEncoder(); String password = passwordEncoder.encode("111"); auth .inMemoryAuthentication() // .withUser("user").password("111").roles("USER"); .withUser("user").password(password).roles("USER"); //在記憶體中建立了一個使用者,該使用者的名稱為user,密碼為password,使用者角色為USER } }
(2)啟動後輸入user ,密碼111