springBoot+mybatis+springsecurity整合!
来源:互联网 发布:金庸对悟空传评价知乎 编辑:程序博客网 时间:2024/06/05 13:30
首先项目是maven工程,创建maven工程相信大家一定不陌生了。下面咱们直接进入主题。
首先搭建springBoot工程,pom.xml里面添加这些jar信息,就足够了,因为springBoot非常强大,
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.5.RELEASE</version>
</parent>
<properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding></properties><dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency></dependencies>
创建启动类
@SpringBootApplication public class Application extends SpringBootServletInitializer {
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Application.class);
}
public static void main(String[] args) { SpringApplication.run(Application.class, args);}
}
创建配置文件application.properties,因为springBoot会默认取加载这个配置文件
项目根路径
server.context-path=/bry
项目端口号
server.port=8090
是不是非常简单,下面在创建页面,通过controller访问页面,这一套跟springMVC就很像了,
咱们使用thymeleaf模板来处理页面,代替视图解析器, <dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
在src/main/resources下面创建static和templates包,默认的静态资源是放在static里面的,页面是放在
templates里面的,当然可以自己去配置目录,但是没有必要,既然springBoot给我们提供了这么好的便利,我们为什么不用呢?
接下来,在templates里面定义一个index.html
在定义一个controller,加一个跳转的方法
@RequestMapping(value = { “index”}, method = RequestMethod.GET)
public String gotoIndex(Model model) {
return “index”;
}
这样就可以跳转到页面了,因为我们使用了强大的thymeleaf,一切他帮助我们处理了,
现在最简单的工程我们已经搭建起来了,是不是超级简单!
下面来说一下怎么整合mybatis:
1.还是整合jar,也就是编写pom.xml, <dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>1.1.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
2.声明Mapper 接口和实现Mapper 的xml, 注意接口需要加上@Mapper,会自动扫描注入,例如:
@Mapper
public interface UserMapper (){}
然后定义UserMapper.xml,里面的内容跟mybatis写法一致,不在啰嗦.
3.application.properties加入连接数据库的信息:
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://IP:3306/springSecurityTest?characterEncoding=utf8&useSSL=true
spring.datasource.username=root
spring.datasource.password=root
spring.datasource.max-active=20
spring.datasource.max-idle=8
spring.datasource.min-idle=8
spring.datasource.initial-size=10
spring.datasource.validation-query=SELECT 1
spring.datasource.test-while-idle=true
spring.datasource.time-between-eviction-runs-millis=27800
如此简单就整合了mybatis,看看springBoot是不是非常牛气啊,真的得说太赞了,不用想以前那么繁琐的配置了
最后来说一下怎么整合springsecurity.
1.还是老规矩,配置pom.xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency>
application.properties什么都不用配置就行.
2.接下来的步骤有点繁琐,首先为了看到效果我们创建几个表和对应的实体类
sys_role表 字段id,name
sys_user表 字段id,username,password
sys_role_user表 字段id,Sys_User_id,Sys_Role_id
3.插入几条数据 INSERT INTO sys_role VALUES ('1', 'ROLE_ADMIN');
INSERT INTO sys_role VALUES ('2', 'ROLE_USER');
INSERT INTO sys_user VALUES ('1', 'admin', '6d789d4353c72e4f625d21c6b7ac2982');
INSERT INTO sys_user VALUES ('2', 'user', '36f1cab655c5252fc4f163a1409500b8');
INSERT INTO sys_role_user VALUES ('1', '1', '1');
INSERT INTO sys_role_user VALUES ('2', '2', '2');
4.创建对应的实体类:
public class SysRole {
private Integer id;
private String name;
public Integer getId() { return id;}public void setId(Integer id) { this.id = id;}public String getName() { return name;}public void setName(String name) { this.name = name;}
}
public class SysUser {
private Integer id;
private String username;
private String password;
private List<SysRole> roles;public Integer getId() { return id;}public void setId(Integer id) { this.id = id;}public String getUsername() { return username;}public void setUsername(String username) { this.username = username;}public String getPassword() { return password;}public void setPassword(String password) { this.password = password;}public List<SysRole> getRoles() { return roles;}public void setRoles(List<SysRole> roles) { this.roles = roles;}
}
5.接下来是配置类WebSecurityConfig
@Configuration //必须加这个注解,用于生成一个配置类,
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true) //启用Security注解
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
UserDetailsService customUserService() { // 注册UserDetailsService 的bean
return new CustomUserService();
}
/** * 配置.忽略的静态文件,不加的话,登录之前页面的css,js不能正常使用,得登录之后才能正常. */@Overridepublic void configure(WebSecurity web) throws Exception { // 忽略URL web.ignoring().antMatchers("/**/*.js", "/lang/*.json", "/**/*.css", "/**/*.js", "/**/*.map", "/**/*.html", "/**/*.png");}@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(customUserService()).passwordEncoder(new PasswordEncoder(){ //使用MD5获取加密之后的密码 @Override public String encode(CharSequence rawPassword) { return MD5Util.encode((String)rawPassword); } //验证密码 @Override public boolean matches(CharSequence rawPassword, String encodedPassword) { return encodedPassword.equals(MD5Util.encode((String)rawPassword)); }}); //user Details Service验证}@Overrideprotected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/").permitAll() //首页任意访问 .anyRequest().authenticated() // //其他所有资源都需要认证,登陆后才能访问 .and() .formLogin() .loginPage("/login") .defaultSuccessUrl("/", true)//登录成功之后跳转首页 .failureUrl("/login?error") //登录失败 返回error .permitAll() // 登录页面用户任意访问 .and() .logout().permitAll(); // 注销行为任意访问}
}
6.其中用到了md5加密工具 ,这个经常用,不再啰嗦,你也可以使用别的加密方式,
例如 BCryptPasswordEncoder public class MD5Util {
private static final String SALT = "tamboo";public static String encode(String password) { password = password + SALT; MessageDigest md5 = null; try { md5 = MessageDigest.getInstance("MD5"); } catch (Exception e) { throw new RuntimeException(e); } char[] charArray = password.toCharArray(); byte[] byteArray = new byte[charArray.length]; for (int i = 0; i < charArray.length; i++) byteArray[i] = (byte) charArray[i]; byte[] md5Bytes = md5.digest(byteArray); StringBuffer hexValue = new StringBuffer(); for (int i = 0; i < md5Bytes.length; i++) { int val = ((int) md5Bytes[i]) & 0xff; if (val < 16) { hexValue.append("0"); } hexValue.append(Integer.toHexString(val)); } return hexValue.toString();}public static void main(String[] args) { System.out.println(MD5Util.encode("admin")); System.out.println(MD5Util.encode("user"));}
}
7.新建 CustomUserService 用于将用户权限交给 springsecurity 进行管控; @Service
public class CustomUserService implements UserDetailsService {
@Autowired
UserMapper userMapper;
@Overridepublic UserDetails loadUserByUsername(String username) { // 重写loadUserByUsername 方法获得 userdetails 类型用户 SysUser user = userMapper.findByUserName(username); if (user == null) { throw new UsernameNotFoundException("用户名不存在"); } List<SimpleGrantedAuthority> authorities = new ArrayList<>(); // 用于添加用户的权限。只要把用户权限添加到authorities 就万事大吉。 for (SysRole role : user.getRoles()) { authorities.add(new SimpleGrantedAuthority(role.getName())); } return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), authorities);}
}
8.定义controller 我们的配置里面配置了登录成功之后跳转到首页
跳转到登录页面
@RequestMapping(value = “/login”)
public String login() {
return “login”;
}
跳转到主页
@RequestMapping(value = {“/”,}, method = RequestMethod.GET)
public String gotohome() {
return “home”;
}
9.最后你可以自定义html页面,很简单了,这里不再啰嗦!
10.配置完springsecurity之后,你的controller就可以加权限了
@RequestMapping("/getuser")
//必须有这个权限才可以使用
@Secured("ROLE_USER")
@ResponseBody
public User getUser() {
User user = new User();
user.setName("test");
return user;
}
11.如果你想使用 BCryptPasswordEncoder加密,配置文件需要修改成下面这样 @Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserService).passwordEncoder(new BCryptPasswordEncoder());
}
存入数据库的加密方法如下: public SysUser create(User u user){
//进行加密
BCryptPasswordEncoder encoder =new BCryptPasswordEncoder();
sysUser.setPassword(encoder.encode(user.getRawPassword().trim()));
userDao.create(user);
return sysUser;
}
end……..
- springBoot+mybatis+springsecurity整合!
- springboot+springSecurity+mybatis实现权限管理
- Spring+SpringMVC+MyBatis+SpringSecurity+maven框架整合
- SpringBoot学习:SpringBoot整合mybatis
- SpringBoot和Mybatis整合
- springboot 整合mybatis
- springboot+mybatis+dubbo整合
- SpringBoot整合MyBatis
- SpringBoot整合Mybatis
- springBoot整合mybatis
- springboot与mybatis整合
- springboot和mybatis整合
- Springboot整合Mysql+Mybatis
- springboot、mybatis、activemq整合
- SpringBoot整合MyBatis
- SpringBoot 整合mybatis
- SpringBoot + Mybatis 整合demo
- springboot整合mybatis
- 二维数组中的查找、空格替换、从尾到头打印链表 --漫漫算法路 刷题篇
- 微信开发----群发接口
- python
- java多线程(三)Synchronized
- 文章标题
- springBoot+mybatis+springsecurity整合!
- windows 安装mysql-python
- [PDF]Java编程思想第四版完整中文高清版(亲测真实)
- Android 自动打包之Jenkins 之门(一)
- HTTP 长连接和短连接
- alipay-node-sdk 封装,支付宝统一支付
- JNI实现源码分析【三 间接引用表】
- Spring Boot Logging Level设置为off时Bug
- echarts 自定义按钮控制数据的显示