Python 官方文档:入门教程 => 点击学习
1.工业级安全框架介绍 spring Security基于Spring开发,项目中如果使用Spring作为基础,配合Spring Security做权限更加方便,而shiro需要和S
spring Security基于Spring开发,项目中如果使用Spring作为基础,配合Spring Security做权限更加方便,而shiro需要和Spring进行整合开发。因此作为spring全家桶中的Spring Security在java领域很常用。
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="Http://Maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.example</groupId>
<artifactId>springsecurityReview</artifactId>
<version>1.0-SNAPSHOT</version>
<parent>
<artifactId>spring-boot-dependencies</artifactId>
<groupId>org.springframework.boot</groupId>
<version>2.5.4</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-WEB</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
</dependencies>
</project>
package com.example.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class Handler {
@GetMapping("/index")
public String index(){
return "index";
}
}
package com.example;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class,args);
}
}
将密码转成字符串形式,并通过match方法惊醒校验。
package com.example.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.httpsecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
//角色和资源的关系
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/admin").hasRole("ADMIN")
.antMatchers("/index").access("hasRole('ADMIN') or hasRole('USER') ")
.anyRequest().authenticated()
.and()
.fORMLogin()
.loginPage("/login")
.permitAll()
.and()
.loGout()
.permitAll()
.and()
.csrf()
.disable();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().passWordEncoder(new MyPasswordEncoder())
.withUser("user").password(new MyPasswordEncoder()
.encode("000")).roles("USER")
.and()
.withUser("admin").password(new MyPasswordEncoder()
.encode("123")).roles("ADMIN","USER");
}
}最后达到admin账号能访问admin.html和index.html
user只能访问index.html的操作
以上就是Springboot安全框架整合SpringSecurity实现方式的详细内容,更多关于Springboot整合SpringSecurity的资料请关注编程网其它相关文章!
--结束END--
本文标题: Springboot安全框架整合SpringSecurity实现方式
本文链接: https://lsjlt.com/news/135716.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
2024-03-01
2024-03-01
2024-03-01
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
官方手机版
微信公众号
商务合作
0