spring boot+security整合(一)
- 本文仅为个人学习spring security 的体会记录,如您恰巧刷到,且对您有帮助,荣幸之至。
-
- 引入maven文件
- 创建user表
- 创建UserBean实体类
- UserBeanMapper
- MyUserDetailsService
- HelloController
本文仅为个人学习spring security 的体会记录,如您恰巧刷到,且对您有帮助,荣幸之至。
引入maven文件
由于我是基于activiti7 顺便学习了 security内容,所以这里引入的是 activiti相关内容:
<dependency>
<groupId>org.activiti</groupId>
<artifactId>activiti-spring-boot-starter</artifactId>
<version>7.1.0.M4</version>
</dependency>
<dependency>
<groupId>org.activiti.dependencies</groupId>
<artifactId>activiti-dependencies</artifactId>
<version>7.1.0.M4</version>
<type>pom</type>
</dependency>
如果您是只了解 security ,则只需引入security相关内容即可:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
如果此时启动项目,并访问之前的网页,网页会出现security默认登录界面,如下:
security默认用户名为:user,password则为项目启动时候输出的内容(Note:每次启动会不一样)
创建user表
CREATE TABLE `user` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(100) DEFAULT NULL,
`password` varchar(100) DEFAULT NULL,
`role` varchar(100) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8
如果需要测试数据,可执行以下sql:
INSERT INTO `act-demo`.`user` (username,password,`role`) VALUES
('admin','$2a$10$odKAc3F4D/RoAvMOjFpslOO4S0B7XbZ9H.AdtbdR4z6NpukXcwTbi','ROLE_ACTIVITI_USER')
,('nancy','$2a$10$odKAc3F4D/RoAvMOjFpslOO4S0B7XbZ9H.AdtbdR4z6NpukXcwTbi','ROLE_ACTIVITI_USER')
;
创建UserBean实体类
import java.util.Arrays;
import java.util.Collection;
import java.util.stream.Collectors;
@Component
public class UserBean implements UserDetails {
private long id;
private String username;
private String password;
private String role;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Arrays.stream(role.split(","))
.map(s -> new SimpleGrantedAuthority(s))
.collect(Collectors.toList());
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
UserBeanMapper
import com.example.actdemo.pojo.UserBean;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import org.springframework.stereotype.Component;
@Mapper
@Component
public interface UserBeanMapper {
@Select("select * from user where username = #{username}")
UserBean selectByUsername(@Param("username") String username);
}
MyUserDetailsService
import com.example.actdemo.mapper.UserBeanMapper;
import com.example.actdemo.pojo.UserBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
@Component
public class MyUserDetailsService implements UserDetailsService {
@Autowired
UserBeanMapper mapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//注释内容可用于初始设置密码加密时使用
// String password= passwordEncoder().encode("111");
// System.out.println("password ========== > " + password);
// return new User(username,password, AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_ACTIVITI_USER"));
/**
* 此处只做了数据库查询工作
* 将UserDetalis 返回到 框架之后
* 由框架 完成 安全比对工作
*/
UserBean userBean = mapper.selectByUsername(username);
if(userBean == null){
throw new UsernameNotFoundException("数据库中无此用户");
}
return userBean;
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
HelloController
@RestController
public class HelloController{
@RequestMapping(value = "hello",method = RequestMethod.GET)
public String hello(){
return new String("welcome to activity");
}
}
基于以上代码,可实现采用数据库的数据登录
项目包链接 :https://download.csdn.net/download/sinat_15872851/86434091