JSP中使用SpringBoot Security步骤
来源:互联网 发布:fifa数据库超级玩家 编辑:程序博客网 时间:2024/05/17 18:00
- 引入POM文件
<parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.3.3.RELEASE</version> <relativePath /> <!-- lookup parent from repository --> </parent> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-jasper</artifactId> <scope>provided</scope> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.9</version> </dependency> <dependency> <groupId>javax.servlet</groupId> <artifactId>jstl</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-taglibs</artifactId> </dependency> <dependency> <groupId>com.oracle</groupId> <artifactId>ojdbc6</artifactId> <version>11.2.0.1.0</version> </dependency> </dependencies> <build> <finalName>springboot-web-jsp</finalName> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> </plugin> </plugins> </build>
2.创建角色和用户表
(1)@Entity@Table(name="SYS_ROLES")public class SysRole extends BaseEntity{ private static final long serialVersionUID = 5799265763294090239L; private String name; public String getName() { return name; } public void setName(String name) { this.name = name; }}(2):**用户表需要实现UserDetails接口,重写getAuthorities()方法**@Entity()@Table(name="SYS_USERS")public class SysUser extends BaseEntity implements UserDetails{ private static final long serialVersionUID = 2060489721205695393L; private String username; private String password; @ManyToMany(cascade={CascadeType.REFRESH},fetch=FetchType.EAGER) private List<SysRole> roles; @Override public Collection<? extends GrantedAuthority> getAuthorities() { List<GrantedAuthority> authorities=new ArrayList<GrantedAuthority>(); List<SysRole> sysRoles=this.getRoles(); for (SysRole sysRole : sysRoles) { authorities.add(new SimpleGrantedAuthority(sysRole.getName())); } return authorities; }}
3.编写Repository,Service类
(1):我是使用的JPA来实现数据访问,此处根据你项目需要来选择需要的Repository接口public interface SysUserRepository extends JpaRepository<SysUser, String>{ SysUser findByUsername(String name);}(2):**service需要实现UserDetailsService接口,重写loadUserByUsername方法,引入需要的Repository来访问数据库**@Servicepublic class SysUserService implements UserDetailsService{ @Autowired SysUserRepository sysUserRepository; @Override public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException { SysUser sysUser=sysUserRepository.findByUsername(name); if(sysUser==null){ throw new UsernameNotFoundException("该用户不存在!"); } return sysUser; }}
4.写SecurityConfig配置文件
@Configurationpublic class SecurityConfig extends WebSecurityConfigurerAdapter { @Bean UserDetailsService sysUserService() { return new SysUserService(); } @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/static/**"); } @Override protected void configure(HttpSecurity http) throws Exception { //此处我把csrf校验取消,开始总是报错,就是它惹的祸 http.csrf().disable().authorizeRequests() .anyRequest().authenticated() //任何用户需要权限校验 .and() .formLogin() .loginPage("/login") .failureUrl("/login?error") .permitAll() .and() .logout().permitAll(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { //校验注入Service auth.userDetailsService(sysUserService()); }}
5.在JSP页面引入spring security标签
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %> ROLE_ADMIN,ROLE_HR,ROLE_COMMON这些角色在sys_roles表中设置 <sec:authorize access="hasRole('ROLE_ADMIN')"> <div> <!-- 3 --> <p class="bg-info">${msg.content_admin}</p> </div> </sec:authorize> <sec:authorize access="hasRole('ROLE_HR')"> <div> <!-- 3 --> <p class="bg-info">只有HR角色的人员才能看到</p> </div> </sec:authorize> <sec:authorize access="hasRole('ROLE_COMMON')"> <div> <p class="bg-info">所以用户都能看到</p> </div> </sec:authorize>
0 0
- JSP中使用SpringBoot Security步骤
- SpringBoot 中使用JSP
- SPringBoot 中 使用JSP页面
- SpringBoot中使用Spring Security实现权限控制
- 在springboot项目中使用jsp试图
- 在SpringBoot中使用JSP开发网页
- springboot+security 的BCryptPasswordEncoder 使用
- 在jsp中使用spring security的tag
- 关于IDEA中创建springboot+security+jpa
- Springboot security
- Springboot使用RedisTemplate基本步骤
- 在Springboot中集成jsp
- springboot 使用配置返回jsp
- JSP中使用JDBC连接MySQL数据库的详细步骤
- JSP中使用JDBC连接MySQL数据库的详细步骤
- JSP中使用JDBC连接MySQL数据库的详细步骤
- Spring Security中<@security.authorize的使用
- SpringBoot 中使用 Log4j
- List (单链表17个函数讲解)
- Lock与synchronized 的区别
- 不使用循环和乘除算前n项和
- hdu_1072_Nightmare(BFS)
- Maven学习13之覆盖率测试
- JSP中使用SpringBoot Security步骤
- Part2:Unity学习笔记十一 - Space Shooter
- AngularJS directive指令之require部分
- RabbitMQ 集群与高可用配置
- demo短信拦截---BroadcastReceiver
- View.setBackgroundColor(int color)
- Android NDK开发Crash错误定位
- spark 使用中会遇到的一些问题及解决思路
- 连接属性