简单案例
创建springboot工程、引入 spring-boot-starter-security 依赖,编写controller层,在访问接口方法时会跳转到springsecurity的默认登录页面 ,如下:
默认用户名:user
登录密码在控制台可以找到
web权限方案
1、设置登录的用户名和密码
方式一:通过配置文件
#spring.security.user.name=admin
#spring.security.user.password=admin
方式二:通过配置类
package com.ice.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* @author 紫风
* @date 2021年08月05日 18:25
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("admin")
.and()
.withUser("user").password(new BCryptPasswordEncoder().encode("123456")).roles("admin")
.and()
.withUser("guest").password(new BCryptPasswordEncoder().encode("123456")).roles("admin");
}
}
方式三:自定义编写实现类
1、编写接口UserDetailsService实现类,返回User对象,User对象里有用户名、密码和操作权限
package com.ice.service;
import com.ice.mapper.MemberMapper;
import com.ice.pojo.Member;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* @author 紫风
* @date 2021年08月05日 22:18
*/
//注入userDetailsService对象
@Service("userDetailsService")
//得到用户密码并返回user对象
public class MyUserDetailsService implements UserDetailsService {
@Autowired
private MemberMapper memberMapper;
@Override
public UserDetails loadUserByUsername(String userid) throws UsernameNotFoundException {
// 调用memberMapper的方法查询数据库
// 根据用户名查询数据库
Member member = memberMapper.selectByusername(userid);
// 判断用户是否存在
if (member == null) {
throw new UsernameNotFoundException("用户不存在");
}
List<GrantedAuthority> auths =
AuthorityUtils.commaSeparatedStringToAuthorityList("admin");
// 从查询数据库返回users对象,得到用户名和密码,返回users
return new User(member.getUserid(),
new BCryptPasswordEncoder().encode(member.getPassword()), auths);
}
}
2、编写配置类,继承WebSecurityConfigurerAdapter,注入userDetailsService,并设置使用userDetailsService返回的 UserDetails中的Username,password属性(会与登录返回来的username、password作认证对比),即数据库查出来的用户名和密码
源码分析
1、 UserDetailsService
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by FernFlower decompiler)
//
package org.springframework.security.core.userdetails;
public interface UserDetailsService {
UserDetails loadUserByUsername(String var1) throws UsernameNotFoundException;
}
2、 UserDetails
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by FernFlower decompiler)
//
package org.springframework.security.core.userdetails;
import java.io.Serializable;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
public interface UserDetails extends Serializable {
Collection<? extends GrantedAuthority> getAuthorities();
String getPassword();
String getUsername();
boolean isAccountNonExpired();
boolean isAccountNonLocked();
boolean isCredentialsNonExpired();
boolean isEnabled();
}
整合mybatis 完成数据库操作
1、引入相关依赖
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.2.0</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<!--mybatis代码生成器-->
<dependency>
<groupId>org.mybatis.generator</groupId>
<artifactId>mybatis-generator-core</artifactId>
<version>1.4.0</version>
</dependency>
2、代码生成器生成pojo、sql映射类·、mapper接口类
3、在MyUserDetailsService调用mapper接口的方法查询数据库进行用户认证(上面已经写好)
4、在启动类添加注解 @MapperScan(“com.ice.mapper.MemberMapper”)
package com.ice;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
@MapperScan("com.ice.mapper.MemberMapper")
public class Security5Application {
public static void main(String[] args) {
SpringApplication.run(Security5Application.class, args);
}
}
5、配置文件配置好数据库信息
server.port=8080
#spring.security.user.name=admin
#spring.security.user.password=admin
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/ssmcards?serverTimezone=GMT&useUnicode=true&characterEncoding=UTF-8
spring.datasource.username=root
spring.datasource.password=111aaa