spring boot security的简单学习demo
来源:互联网 发布:电脑打不开软件没反应 编辑:程序博客网 时间:2024/06/01 07:13
项目的目录结构如图
bootstrap.min.css自己上网上找到下载吧
pom.xml
<!-- Spring Boot 启动父依赖 核心模块,包括自动配置支持、日志和YAML--> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.5.1.RELEASE</version> </parent> <dependencies> <!--start-web--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <!--jpa--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> <!--security--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <!--Thymeleaf--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <!--mysql--> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.39</version> </dependency> <!--jdbc--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-jdbc</artifactId> </dependency> <dependency> <groupId>javax.batch</groupId> <artifactId>javax.batch-api</artifactId> <version>1.0.1</version> </dependency> <!--Thymeleaf的spring security的支持--> <dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-springsecurity4</artifactId> </dependency> </dependencies>
application.properties文件
# 设置端口号server.port=8080# 设置日志级别logging.level.root=info# 数据源配置spring.datasource.driver-class-name=com.mysql.jdbc.Driverspring.datasource.url=jdbc:mysql://ip:3306/dbname?useUnicode=true&characterEncoding=UTF-8spring.datasource.username=spring.datasource.password=# 让控制器输出json字符串格式spring.jackson.serialization.indent-output=true# spring.jpa.hibernate.ddl-auto=update# 显示sql语句spring.jpa.show-sql=true# security日志配置logging.level.org.springframework.security=debug# thymeleaf模板缓存设置spring.thymeleaf.cache=false
启动类
import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.SpringBootApplication;@SpringBootApplicationpublic class SpringSecurityContext { public static void main(String[] args) { SpringApplication.run(SpringSecurityContext.class); }}
domian
SysRole
import javax.persistence.Entity;import javax.persistence.GeneratedValue;import javax.persistence.Id;/** * 角色 */@Entitypublic class SysRole { @Id @GeneratedValue private Long id; private String name; public Long getId() { return id; } public void setId(Long id) { this.id = id; } public String getName() { return name; } public void setName(String name) { this.name = name; }}
SysUser
import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.SimpleGrantedAuthority;import org.springframework.security.core.userdetails.UserDetails;import javax.persistence.*;import java.util.ArrayList;import java.util.Collection;import java.util.List;/** * 用户 */@Entitypublic class SysUser implements UserDetails { @Id @GeneratedValue private Long id; private String username; private String password; @ManyToMany(cascade = {CascadeType.REFRESH}, fetch = FetchType.EAGER) // 配置用户和角色的多对多关系 private List<SysRole> sysRoles; @Override // 将用户的角色作为权限 public Collection<? extends GrantedAuthority> getAuthorities() { List<GrantedAuthority> auths = new ArrayList<>(); List<SysRole> roles = this.getSysRoles(); for (SysRole role : roles) { auths.add(new SimpleGrantedAuthority(role.getName())); } return auths; } @Override public boolean isAccountNonExpired() { return true; } @Override public boolean isAccountNonLocked() { return true; } @Override public boolean isCredentialsNonExpired() { return true; } @Override public boolean isEnabled() { return true; } public Long getId() { return id; } public void setId(Long id) { this.id = id; } @Override public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } @Override public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public List<SysRole> getSysRoles() { return sysRoles; } public void setSysRoles(List<SysRole> sysRoles) { this.sysRoles = sysRoles; }}
Msg
public class Msg { private String title; private String content; private String etraInfo; public Msg(String title, String content, String etraInfo) { super(); this.title = title; this.content = content; this.etraInfo = etraInfo; } public String getTitle() { return title; } public void setTitle(String title) { this.title = title; } public String getContent() { return content; } public void setContent(String content) { this.content = content; } public String getEtraInfo() { return etraInfo; } public void setEtraInfo(String etraInfo) { this.etraInfo = etraInfo; }}
dao
import cn.zfs.springboot.security.domain.SysUser;import org.springframework.data.jpa.repository.JpaRepository;public interface SysUserRepository extends JpaRepository<SysUser,Long> { SysUser findByUsername(String username);}
service
import cn.zfs.springboot.security.dao.SysUserRepository;import cn.zfs.springboot.security.domain.SysUser;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.security.core.userdetails.UserDetails;import org.springframework.security.core.userdetails.UserDetailsService;import org.springframework.security.core.userdetails.UsernameNotFoundException;public class CustomerUserService implements UserDetailsService { @Autowired private SysUserRepository sysUserRepository; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { SysUser sysUser = sysUserRepository.findByUsername(username); if(sysUser == null){ throw new UsernameNotFoundException("用户名不存在"); } return sysUser; }}
配置类
securityConfig
import cn.zfs.springboot.security.service.CustomerUserService;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.core.userdetails.UserDetailsService;@Configurationpublic class SecurityConfig extends WebSecurityConfigurerAdapter{ @Bean UserDetailsService customerUserService(){ return new CustomerUserService(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(customerUserService()); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .anyRequest().authenticated() // 所有请求页面都需要登录才能访问 .and() .formLogin() .loginPage("/login") .failureForwardUrl("/login?error") .permitAll() // 定制登录行为,登录页面可以任意访问 .and() .logout().permitAll(); // 定制注销行为,注销请求可以任意访问 }}
WebMvcConfig
import org.springframework.context.annotation.Configuration;import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;@Configurationpublic class WebMVCConfig extends WebMvcConfigurerAdapter{ @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/login").setViewName("login"); // 注册访问转向login.HTML页面 }}
Controller
import cn.zfs.springboot.security.domain.Msg;import org.springframework.stereotype.Controller;import org.springframework.ui.Model;import org.springframework.web.bind.annotation.RequestMapping;@Controllerpublic class SecurityController { @RequestMapping("/") public String index(Model model){ Msg msg = new Msg("测试标题","测试内容","额外信息,只对管理员显示"); model.addAttribute("msg",msg); return "home"; }}
home.html
<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4"><!-- 1 --><head><meta content="text/html;charset=UTF-8"/><title sec:authentication="name"></title> <!-- 2 --><link rel="stylesheet" th:href="@{css/bootstrap.min.css}" /><style type="text/css">body { padding-top: 50px;}.starter-template { padding: 40px 15px; text-align: center;}</style></head><body> <nav class="navbar navbar-inverse navbar-fixed-top"> <div class="container"> <div class="navbar-header"> <a class="navbar-brand" href="#">Spring Security演示</a> </div> <div id="navbar" class="collapse navbar-collapse"> <ul class="nav navbar-nav"> <li><a th:href="@{/}"> 首页 </a></li> </ul> </div><!--/.nav-collapse --> </div> </nav> <div class="container"> <div class="starter-template"> <h1 th:text="${msg.title}"></h1> <p class="bg-primary" th:text="${msg.content}"></p> <div sec:authorize="hasRole('ROLE_ADMIN')"> <!-- 3 --> <p class="bg-info" th:text="${msg.etraInfo}"></p> </div> <div sec:authorize="hasRole('ROLE_USER')"> <!-- 4--> <p class="bg-info">无更多信息显示</p> </div> <form th:action="@{/logout}" method="post"> <input type="submit" class="btn btn-primary" value="注销"/><!-- 5 --> </form> </div> </div></body></html>
login.html
<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org"><head><meta content="text/html;charset=UTF-8"/><title>登录页面</title><link rel="stylesheet" th:href="@{css/bootstrap.min.css}"/><style type="text/css"> body { padding-top: 50px;}.starter-template { padding: 40px 15px; text-align: center;}</style></head><body> <nav class="navbar navbar-inverse navbar-fixed-top"> <div class="container"> <div class="navbar-header"> <a class="navbar-brand" href="#">Spring Security演示</a> </div> <div id="navbar" class="collapse navbar-collapse"> <ul class="nav navbar-nav"> <li><a th:href="@{/}"> 首页 </a></li> </ul> </div><!--/.nav-collapse --> </div> </nav> <div class="container"> <div class="starter-template"> <p th:if="${param.logout}" class="bg-warning">已成功注销</p><!-- 1 --> <p th:if="${param.error}" class="bg-danger">有错误,请重试</p> <!-- 2 --> <h2>使用账号密码登录</h2> <form name="form" th:action="@{/login}" action="/login" method="POST"> <!-- 3 --> <div class="form-group"> <label for="username">账号</label> <input type="text" class="form-control" name="username" value="" placeholder="账号" /> </div> <div class="form-group"> <label for="password">密码</label> <input type="password" class="form-control" name="password" placeholder="密码" /> </div> <input type="submit" id="login" value="Login" class="btn btn-primary" /> </form> </div> </div></body></html>
注:学自 <<javaEE 开发的颠覆者 spring boot 实战>>
阅读全文
0 0
- spring boot security的简单学习demo
- Spring Security简单Demo
- spring security简单demo .
- Spring Boot 实现最简单的 Security
- spring boot security学习
- spring boot spring security学习
- spring security spring boot
- spring boot Batch 的简单学习
- Spring Boot 超·简单demo
- docker构建spring boot 简单demo
- spring简单的demo
- Spring的简单Demo
- spring security的简单使用
- Spring Security入门Demo
- spring boot security reference
- Spring Boot Security Application
- spring boot security
- spring boot整合security
- 二叉树 c 实现
- 同步锁
- A/B HDU1576
- 有用过PHP SPL的吗,不知道这主要用来干嘛
- Java 基础
- spring boot security的简单学习demo
- Hadoop 文件查看工具
- Gartner全球IAAS市场报告:阿里云进入全球前三
- 我是如何利用Hadoop做大规模日志压缩的
- 深拷贝和浅拷贝
- POSIX定时器:timer_settime()的使用
- PI/4 dqpsk 非相干解调原理与matlab实现
- PHP SPL使用方法和他的威力
- xshell 无法连接ubuntu