本文只作为spring官方文档的补充,不会解释spring以及hibernate的具体技术细节。
本文默认项目已经具有相关的用户表和DAO,现在我们以此为基础进行基本的用户登陆认证,url权限管理和登出设置。
网上有很多文档描述了如何为项目添加spring security支持。在spring boot中,我们只需要添加了配置类,就可以描述spring security的控制信息:
package edu.nju.web.security;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import javax.annotation.Resource;
/**
* Http security config
* @author cuiods
*/
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private UserDetailsService userService;
@Resource