spring boot+security整合(一)
- 本文僅為個人學習spring security 的體會記錄,如您恰巧刷到,且對您有幫助,榮幸之至。
-
- 引入maven檔案
- 建立user表
- 建立UserBean實體類
- UserBeanMapper
- MyUserDetailsService
- HelloController
本文僅為個人學習spring security 的體會記錄,如您恰巧刷到,且對您有幫助,榮幸之至。
引入maven檔案
由于我是基于activiti7 順便學習了 security内容,是以這裡引入的是 activiti相關内容:
<dependency>
<groupId>org.activiti</groupId>
<artifactId>activiti-spring-boot-starter</artifactId>
<version>7.1.0.M4</version>
</dependency>
<dependency>
<groupId>org.activiti.dependencies</groupId>
<artifactId>activiti-dependencies</artifactId>
<version>7.1.0.M4</version>
<type>pom</type>
</dependency>
如果您是隻了解 security ,則隻需引入security相關内容即可:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
如果此時啟動項目,并通路之前的網頁,網頁會出現security預設登入界面,如下:
security預設使用者名為:user,password則為項目啟動時候輸出的内容(Note:每次啟動會不一樣)
建立user表
CREATE TABLE `user` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(100) DEFAULT NULL,
`password` varchar(100) DEFAULT NULL,
`role` varchar(100) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8
如果需要測試資料,可執行以下sql:
INSERT INTO `act-demo`.`user` (username,password,`role`) VALUES
('admin','$2a$10$odKAc3F4D/RoAvMOjFpslOO4S0B7XbZ9H.AdtbdR4z6NpukXcwTbi','ROLE_ACTIVITI_USER')
,('nancy','$2a$10$odKAc3F4D/RoAvMOjFpslOO4S0B7XbZ9H.AdtbdR4z6NpukXcwTbi','ROLE_ACTIVITI_USER')
;
建立UserBean實體類
import java.util.Arrays;
import java.util.Collection;
import java.util.stream.Collectors;
@Component
public class UserBean implements UserDetails {
private long id;
private String username;
private String password;
private String role;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Arrays.stream(role.split(","))
.map(s -> new SimpleGrantedAuthority(s))
.collect(Collectors.toList());
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
UserBeanMapper
import com.example.actdemo.pojo.UserBean;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import org.springframework.stereotype.Component;
@Mapper
@Component
public interface UserBeanMapper {
@Select("select * from user where username = #{username}")
UserBean selectByUsername(@Param("username") String username);
}
MyUserDetailsService
import com.example.actdemo.mapper.UserBeanMapper;
import com.example.actdemo.pojo.UserBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
@Component
public class MyUserDetailsService implements UserDetailsService {
@Autowired
UserBeanMapper mapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//注釋内容可用于初始設定密碼加密時使用
// String password= passwordEncoder().encode("111");
// System.out.println("password ========== > " + password);
// return new User(username,password, AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_ACTIVITI_USER"));
/**
* 此處隻做了資料庫查詢工作
* 将UserDetalis 傳回到 架構之後
* 由架構 完成 安全比對工作
*/
UserBean userBean = mapper.selectByUsername(username);
if(userBean == null){
throw new UsernameNotFoundException("資料庫中無此使用者");
}
return userBean;
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
HelloController
@RestController
public class HelloController{
@RequestMapping(value = "hello",method = RequestMethod.GET)
public String hello(){
return new String("welcome to activity");
}
}
基于以上代碼,可實作采用資料庫的資料登入
項目包連結 :https://download.csdn.net/download/sinat_15872851/86434091