springboot2.1.4 与security5用户认证学习笔记
2024-04-25 21:36:54
1、学习这个用了4天终于弄出来
2、刚调试成功做个笔记
pom.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>2.1.4.RELEASE</version><relativePath/> <!-- lookup parent from repository --></parent><groupId>com.eSpringSecurity</groupId><artifactId>demo</artifactId><version>0.0.1-SNAPSHOT</version><name>demo</name><description>Demo project for Spring Boot</description><properties><java.version>1.8</java.version></properties><dependencies><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-thymeleaf</artifactId></dependency><dependency><groupId>org.thymeleaf.extras</groupId><artifactId>thymeleaf-extras-springsecurity5</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency><dependency><groupId>org.mybatis.spring.boot</groupId><artifactId>mybatis-spring-boot-starter</artifactId><version>2.0.1</version></dependency><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId><scope>runtime</scope></dependency><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId><optional>true</optional></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope></dependency><dependency><groupId>org.springframework.security</groupId><artifactId>spring-security-test</artifactId><scope>test</scope></dependency><!-- https://mvnrepository.com/artifact/com.alibaba/druid --><dependency><groupId>com.alibaba</groupId><artifactId>druid</artifactId><version>1.1.9</version></dependency><!-- https://mvnrepository.com/artifact/log4j/log4j --><dependency><groupId>log4j</groupId><artifactId>log4j</artifactId><version>1.2.17</version></dependency><!-- https://mvnrepository.com/artifact/com.github.pagehelper/pagehelper-spring-boot-starter --><dependency><groupId>com.github.pagehelper</groupId><artifactId>pagehelper-spring-boot-starter</artifactId><version>1.2.10</version></dependency><dependency><groupId>org.mybatis.spring.boot</groupId><artifactId>mybatis-spring-boot-starter</artifactId><version>2.0.1</version></dependency><!--配置js.scc--><!-- https://mvnrepository.com/artifact/org.webjars/bootstrap --><dependency><groupId>org.webjars</groupId><artifactId>bootstrap</artifactId><version>4.3.1</version></dependency><!-- https://mvnrepository.com/artifact/org.webjars.bower/jquery --><dependency><groupId>org.webjars.bower</groupId><artifactId>jquery</artifactId><version>3.3.1</version></dependency><!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 --><dependency><groupId>org.apache.commons</groupId><artifactId>commons-lang3</artifactId><version>3.8.1</version></dependency><dependency><groupId>cn.hutool</groupId><artifactId>hutool-all</artifactId><version>4.5.7</version></dependency></dependencies><build><plugins><plugin><groupId>org.springframework.boot</groupId><artifactId>spring-boot-maven-plugin</artifactId></plugin></plugins></build></project>
application.properties
#thymelea模板配置
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.suffix=.html
spring.thymeleaf.mode=HTML5
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.servlet.content-type=text/html
#热部署文件,页面不产生缓存,及时更新# 开发阶段务必关闭缓存 (=false)
spring.thymeleaf.cache=false
spring.resources.chain.strategy.content.enabled=true
spring.resources.chain.strategy.content.paths=/**
#logging.level.com.dy.springboot.server.mapper=debug
spring.jackson.date-format=yyyy-MM-dd HH:mm:ss
spring.jackson.time-zone=GMT+8
server.port=8080application.yml
spring:datasource:username: root
# password: rootpassword: 123456url: jdbc:mysql://localhost:3306/ssm_crud?useUnicode=true&characterEncoding=UTF-8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTCtype: com.alibaba.druid.pool.DruidDataSourceinitialSize: 5minIdle: 5maxActive: 20maxWait: 60000timeBetweenEvictionRunsMillis: 60000minEvictableIdleTimeMillis: 300000validationQuery: SELECT 1 FROM DUALtestWhileIdle: truetestOnBorrow: falsetestOnReturn: falsepoolPreparedStatements: true# 配置监控统计拦截的filters,去掉后监控界面sql无法统计,'wall'用于防火墙filters: stat,wall,log4jmaxPoolPreparedStatementPerConnectionSize: 20useGlobalDataSourceStat: trueconnectionProperties: druid.stat.mergeSql=true;druid.stat.slowSqlMillis=500
mybatis:# 指定全局配置文件位置config-location: classpath:generator/mybatis-config.xml# 指定sql映射文件位置mapper-locations: classpath:mapping/*.xml
# schema:
# - classpath:department.sql
log4j.properties
log4j.rootCategory=INFO, stdout , logfilelog4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=[SeleniumAutoConsole] %p [%t] %C.%M(%L) | %m%nlog4j.appender.logfile.encoding=UTF-8
log4j.appender.logfile=org.apache.log4j.DailyRollingFileAppender
log4j.appender.logfile.File=logs/logs.log
#log4j.appender.logfile.DatePattern='.'yyyy-MM-dd'.log'
#log4j.appender.logfile.Append=true
log4j.appender.logfile.layout=org.apache.log4j.PatternLayout
log4j.appender.logfile.layout.ConversionPattern=%d-[SeleniumAutoFile] %p [%t] %C.%M(%L) - %m%nconfig
DruidConfig
package com.espringsecurity.config;import com.alibaba.druid.pool.DruidDataSource;
import com.alibaba.druid.support.http.StatViewServlet;
import com.alibaba.druid.support.http.WebStatFilter;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;import javax.sql.DataSource;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;/*** @author liwen406* @Title: DruidConfig* @Description:* @date 2018/12/21 / 22:43*/
@Configuration
public class DruidConfig {@ConfigurationProperties(prefix = "spring.datasource")@Beanpublic DataSource druid() {return new DruidDataSource();}/*** 配置Druid的监控* 1、配置一个管理后台的Servlet* @return*/@Beanpublic ServletRegistrationBean statViewServlet() {ServletRegistrationBean bean = new ServletRegistrationBean(new StatViewServlet(), "/druid/*");Map<String, String> initParams = new HashMap<>();initParams.put("loginUsername", "admin");initParams.put("loginPassword", "123456");默认就是允许所有访问initParams.put("allow", "");initParams.put("deny", "192.168.15.21");bean.setInitParameters(initParams);return bean;}/**2、配置一个web监控的filter*/@Beanpublic FilterRegistrationBean webStatFilter() {FilterRegistrationBean bean = new FilterRegistrationBean();bean.setFilter(new WebStatFilter());Map<String, String> initParams = new HashMap<>();initParams.put("exclusions", "*.js,*.css,/druid/*");bean.setInitParameters(initParams);bean.setUrlPatterns(Arrays.asList("/*"));return bean;}}
MyBatisConfig
package com.espringsecurity.config;import com.github.pagehelper.PageHelper;
import org.apache.ibatis.session.Configuration;
import org.mybatis.spring.boot.autoconfigure.ConfigurationCustomizer;
import org.springframework.context.annotation.Bean;import java.util.Properties;/***配置文件* @author liwen406* @date 2019-04-20 12:14 2019-04-20 13:20*/
@org.springframework.context.annotation.Configuration
public class MyBatisConfig {/*** 目的防止驼峰命名规则* @return*/@Beanpublic ConfigurationCustomizer configurationCustomizer(){return new ConfigurationCustomizer(){@Overridepublic void customize(Configuration configuration) {configuration.setMapUnderscoreToCamelCase(true);}};}/*** 分页插件* @return*/@Beanpublic PageHelper pageHelper() {
// System.out.println("MyBatisConfiguration.pageHelper()");PageHelper pageHelper = new PageHelper();Properties p = new Properties();p.setProperty("offsetAsPageNum", "true");p.setProperty("rowBoundsWithCount", "true");p.setProperty("reasonable", "true");pageHelper.setProperties(p);return pageHelper;}
}
MyPasswordEncoder
import org.springframework.security.crypto.password.PasswordEncoder;/*** @author liwen406* @Title: MyPasswordEncoder* @Description:* @date 2019/5/4 / 18:20*/
public class MyPasswordEncoder implements PasswordEncoder {@Overridepublic String encode(CharSequence charSequence) {return charSequence.toString();}@Overridepublic boolean matches(CharSequence charSequence, String s) {return s.equals(charSequence.toString());}}
WebMvcConfig
/*** @author liwen406* @Title: WebMvcConfig* @Description:* @date 2019/4/29 / 13:00*/
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {@Overridepublic void addResourceHandlers(ResourceHandlerRegistry registry) {registry.addResourceHandler("/static/**").addResourceLocations("classpath:/static/");}}
WebSecurityConfig
import com.espringsecurity.pojo.User;
import com.espringsecurity.service.PasswordEncoder;
import com.espringsecurity.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;import javax.annotation.Resource;/*** @author liwen406* @Title: WebSecurityConfig* @Description:* @date 2019/5/4 / 18:18*/
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {@Resourceprivate UserService<User> userService;/*** 认证请求规则** @param http* @throws Exception*/@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/level1/**").hasRole("VIP1").antMatchers("/level2/**").hasRole("VIP2").antMatchers("/level3/**").hasRole("VIP3");// 注销账号http.logout().logoutSuccessUrl("/");/****************** 默认的 ****************/// 默认登录表单http.formLogin();// 记住我http.rememberMe();/****************** 定制的 ****************/// 定制页面和参数,默认名称:username,passwordhttp.formLogin().loginPage("/login").usernameParameter("username").passwordParameter("passowrd");// 定制记住我http.rememberMe().rememberMeParameter("remember");}/*** 授权** @param auth* @throws Exception*/@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.userDetailsService(userService).passwordEncoder(new PasswordEncoder());}}
controller
package com.espringsecurity.controller;import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;/*** @author liwen406* @Title: PageController* @Description:* @date 2019/5/4 / 18:20*/
@Controller
public class PageController {@GetMapping({"/", "", "/index"})public String index() {return "index";}// 定制的登录表单@GetMapping("/login")public String login() {return "login";}@GetMapping("level1")@ResponseBodypublic String level1() {return "level1 拥有角色VIP1";}@GetMapping("level2")@ResponseBodypublic String level2() {return "level2 拥有角色VIP2";}@GetMapping("level3")@ResponseBodypublic String level3() {return "level3 拥有角色VIP3";}}
dao
import com.espringsecurity.pojo.User;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Select;/*** @author liwen406* @Title: UserDao* @Description:* @date 2019/5/4 / 18:58*/
@Mapper
public interface UserDao {@Select("SELECT * from usersys WHERE username = #{userName}")User findByUsername(String username);
}
pojo
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;/*** @author liwen406* @Title: User* @Description:* @date 2019/5/4 / 18:33*/
@Data
@AllArgsConstructor
@NoArgsConstructor
public class User {private Integer id;private String userName;private String password;private String roles;
}
service
import cn.hutool.core.util.StrUtil;
import com.espringsecurity.dao.UserDao;
import com.espringsecurity.pojo.User;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;import java.util.ArrayList;/*** @author liwen406* @Title: UserService* @Description:* @date 2019/5/4 / 18:32*/
@Log4j2
@Service
public class UserService<T extends User> implements UserDetailsService {@AutowiredUserDao userDao;@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {try {User user = userDao.findByUsername(username);if (user == null) {throw new UsernameNotFoundException("用户不存在");}ArrayList<SimpleGrantedAuthority> authorities = new ArrayList<>(1);if (StrUtil.isNotBlank(user.getRoles())) {String[] roles = user.getRoles().split(",");for (String role : roles) {if (!StrUtil.isBlank(role)) {authorities.add(new SimpleGrantedAuthority("ROLE_"+role.trim()));}}}log.info("前端用户名" + username + "==" + user.getPassword());return new org.springframework.security.core.userdetails.User(user.getUserName(), user.getPassword(), authorities);} catch (UsernameNotFoundException e) {e.printStackTrace();}return null;}}
PasswordEncoder
import com.espringsecurity.utils.MD5Util;/*** @author liwen406* @Title: PasswordEncoder* @Description:* @date 2019/5/4 / 18:56*/
public class PasswordEncoder implements org.springframework.security.crypto.password.PasswordEncoder {@Overridepublic String encode(CharSequence rawPassword) {return MD5Util.encode((String) rawPassword);}@Overridepublic boolean matches(CharSequence rawPassword, String encodedPassword) {//user Details Service验证return encodedPassword.equals(MD5Util.encode((String) rawPassword));}}
MD5Util
package com.espringsecurity.utils;import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;/*** @author liwen406* @Title: MD5Util* @Description:* @date 2019/5/4 / 18:56*/
public class MD5Util {public static final int time = 5;public static final String SALT = "springsecurity";/*** 密码加密方法** @param password* @return*/public static String encode(String password) {MessageDigest digest;try {digest = MessageDigest.getInstance("MD5");} catch (NoSuchAlgorithmException e) {throw new IllegalStateException("MD5 algorithm not available. Fatal (should be in the JDK).");}try {for (int i = 0; i < time; i++) {byte[] bytes = digest.digest((password + SALT).getBytes("UTF-8"));password = String.format("%032x", new BigInteger(1, bytes));}return password;} catch (UnsupportedEncodingException e) {throw new IllegalStateException("UTF-8 encoding not available. Fatal (should be in the JDK).");}}public static void main(String[] args) {System.out.println(MD5Util.encode("123456"));}
}
html
index.html
<html xmlns:th="http://www.thymeleaf.org"xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
<head><meta charset="UTF-8"><title>SpringBoot 整合 SpringSecurity</title>
</head>
<body>
<h2 align="center">SpringBoot 整合 SpringSecurity 实现登录、授权案例</h2>
<div sec:authorize="!isAuthenticated()"><h4 align="center">游客您好,<a th:href="@{/login}">请登录</a></h4>
</div>
<div sec:authorize="isAuthenticated()"><h4><span sec:authentication="name"></span>,您拥有的角色:<span sec:authentication="principal.authorities"></span></h4><form th:action="@{/logout}" method="post"><input type="submit" value="注销"/></form>
</div>
<hr>
<ul><div sec:authorize="hasRole('VIP1')"><li><a th:href="@{/level1}">VIP1,可以访问</a></li></div><div sec:authorize="hasRole('VIP2')"><li><a th:href="@{/level2}">VIP2,可以访问</a></li></div><div sec:authorize="hasRole('VIP3')"><li><a th:href="@{/level3}">VIP3,可以访问</a></li></div>
</ul>
</body>
</html>
login.html
<html xmlns:th="http://www.thymeleaf.org">
<head><meta charset="UTF-8"><title>美丽的开始</title>
</head>
<body>
<h2 align="center">我们要加油学习登录页面</h2>
<hr>
<form th:action="@{/login}" method="post" style="margin: auto; width: 200px;">用户名:<input type="text" name="username"><br>密码:<input type="password" name="passowrd"><br><input type="checkbox" name="remember"> 记住我<br><input type="submit" value="登录">
</form>
</body>
</html>
转载于:https://blog.51cto.com/357712148/2388932
springboot2.1.4 与security5用户认证学习笔记相关推荐
- 七天入门linux,RHCE认证学习笔记-第七天
RHCE认证学习笔记-第七天 1.系统启动过程: BIOS初始化-->引导程序(Bootloader)-->内核初始化-->进程(Init)-->用户程序 (1)BIOS初始化 ...
- 红帽认证学习笔记-破解密码
红帽认证学习笔记-破解密码 1. 启动的时候,在启动界面,相应启动项,内核名称上按"e": 2. 进入后,找到linux16开头的地方,按"end"键到最后,输 ...
- linux没有.brashrc文件,RHCE认证学习笔记-第四天
RHCE认证学习笔记-第四天 1.mail -s 主题 邮箱地址 2.tr -'A-Z' 'a-z' <.bashrc> 3.文件系统: group:superblock:类型.大小.状态 ...
- JavaWeb-综合案例(用户信息)-学习笔记06【复杂条件查询功能】
Java后端 学习路线 笔记汇总表[黑马程序员] JavaWeb-综合案例(用户信息)-学习笔记01[列表查询] JavaWeb-综合案例(用户信息)-学习笔记02[登录功能] JavaWeb-综合案 ...
- JavaWeb-综合案例(用户信息)-学习笔记05【分页查询功能】
Java后端 学习路线 笔记汇总表[黑马程序员] JavaWeb-综合案例(用户信息)-学习笔记01[列表查询] JavaWeb-综合案例(用户信息)-学习笔记02[登录功能] JavaWeb-综合案 ...
- JavaWeb-综合案例(用户信息)-学习笔记04【删除选中功能】
Java后端 学习路线 笔记汇总表[黑马程序员] JavaWeb-综合案例(用户信息)-学习笔记01[列表查询] JavaWeb-综合案例(用户信息)-学习笔记02[登录功能] JavaWeb-综合案 ...
- JavaWeb-综合案例(用户信息)-学习笔记02【登录功能】
Java后端 学习路线 笔记汇总表[黑马程序员] JavaWeb-综合案例(用户信息)-学习笔记01[列表查询] JavaWeb-综合案例(用户信息)-学习笔记02[登录功能] JavaWeb-综合案 ...
- JavaWeb-综合案例(用户信息)-学习笔记01【列表查询】
Java后端 学习路线 笔记汇总表[黑马程序员] JavaWeb-综合案例(用户信息)-学习笔记01[列表查询] JavaWeb-综合案例(用户信息)-学习笔记02[登录功能] JavaWeb-综合案 ...
- mysql root密码忘记2018_MySQL数据库之2018-03-28设置及修改mysql用户密码学习笔记
本文主要向大家介绍了MySQL数据库之2018-03-28设置及修改mysql用户密码学习笔记 ,通过具体的内容向大家展现,希望对大家学习MySQL数据库有所帮助. 退出mysql方法 quit或者e ...
最新文章
- Android系统手机端抓包方法
- 新版蚂蚁网有抄袭怪兽吗?
- 12面魔方公式图解法_【高级篇】(三)三阶魔方CFOP高级玩法之——F2L
- Flutter开发Flutter与原生OC、Java的交互通信-2(48)
- Lock 与 InterruptedException
- 小米平板android版本,除了安卓MIUI7,小米平板2为什么要推出Win10版?
- Chapter 2 Open Book——34
- java 使用 idea 调试 ysoserial
- Linux 统计某个字符串出现的次数
- 【源码】otter工程结构
- 十八款为设计师提供的免费工具
- android实现资源嗅探器手机版,OPPO Reno尝鲜Android Q教程来了
- 新发现几个百度网盘/阿里云盘搜索资源站,还能查询网盘提取码
- matlab 添加断点,matlab设置断点
- 如何压缩word文档的大小?
- TX2-刷机完成后安装程序ubuntu_linux命令TX2学习总结
- PrimoCache2.2.0汉化程序与2.0.0的交叉使用
- Ajax 跨域请求详解
- docker入门级详解
- 华硕飞行堡垒7开启虚拟化