依赖:
<!-- Dependencies for the Spring Security + Thymeleaf demo. -->
<!-- NOTE(review): no <version> elements are given; presumably versions are managed by a Spring Boot parent/BOM that is not shown here. Confirm, so the security libraries stay on a supported release. -->
<dependencies>
<!-- Thymeleaf / Spring Security 5 integration; the templates on this page use its sec: attributes (sec:authorize, sec:authentication) -->
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<!-- Spring Security starter -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- Thymeleaf template engine starter -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- Spring MVC web starter -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- Test-scope only; the JUnit vintage engine is excluded -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Test-scope only: Spring Security test support -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
配置Security
Controller层:
/**
 * Maps page URLs to Thymeleaf view names.
 *
 * <p>The handlers only return view names and perform no access checks of their
 * own; restricting the {@code /level*} pages is left entirely to the security
 * configuration.
 */
@Controller
public class RouterController {

    /** Returns the home page view for "/", "/index" and "/index.html". */
    @RequestMapping({"/","/index","/index.html"})
    public String toIndex(){
        final String homeView = "index";
        return homeView;
    }

    /** Returns the custom login page view. */
    @RequestMapping("/toLogin")
    public String toLogin(){
        final String loginView = "views/login";
        return loginView;
    }

    /** Returns the level-1 page with the given number. */
    @RequestMapping("/level1/{id}")
    public String v1(@PathVariable("id") int id){
        return pageUnder("views/level1/", id);
    }

    /** Returns the level-2 page with the given number. */
    @RequestMapping("/level2/{id}")
    public String v2(@PathVariable("id") int id){
        return pageUnder("views/level2/", id);
    }

    /** Returns the level-3 page with the given number. */
    @RequestMapping("/level3/{id}")
    public String v3(@PathVariable("id") int id){
        return pageUnder("views/level3/", id);
    }

    /**
     * Builds a view name by appending the page number to a fixed folder prefix.
     *
     * <p>The page number is an {@code int}, so only a numeric value taken from
     * the URL ever becomes part of the view name. Keep it numeric: a free-form
     * string concatenated here would let the request choose the template path.
     */
    private static String pageUnder(String folder, int pageNumber) {
        return folder + pageNumber;
    }
}
MySecurityConfig.java
// Turns on Spring Security's web security support.
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter { // overrides the adapter's defaults

    /**
     * Configures URL authorization, form login, logout, CSRF and remember-me.
     *
     * @param http the HTTP security builder supplied by Spring Security
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // Authorization rules.
            // NOTE(review): there is no anyRequest() rule, so paths that match none of
            // these patterns (e.g. /index, /toLogin) are covered by no access rule at all.
            // Confirm that is intended, or end the chain with a deny-by-default rule.
            .authorizeRequests()
                .antMatchers("/").permitAll()               // "/" is open to everyone
                .antMatchers("/level1/**").hasRole("vip1")  // pages under /level1 require role vip1
                .antMatchers("/level2/**").hasRole("vip2")  // pages under /level2 require role vip2
                .antMatchers("/level3/**").hasRole("vip3")  // pages under /level3 require role vip3
                .and()
            // Form login with a custom login page; credentials are posted to /login.
            .formLogin()
                .loginPage("/toLogin")
                .loginProcessingUrl("/login")
                .and()
            // Logout, returning to the home page afterwards.
            .logout()
                .logoutSuccessUrl("/")
                .and()
            // csrf() only obtains the CSRF configurer; disable() is never called, so CSRF
            // protection stays at Spring Security's default (enabled). With it enabled the
            // default logout endpoint only accepts POST, so a plain GET link to /logout will
            // not log the user out. Submit a POST form instead of disabling CSRF.
            .csrf()
                .and()
            // Remember-me, reading the checkbox named "remember" on the custom login form.
            // A bare rememberMe() would use the default parameter name; the cookie is kept
            // for two weeks by default.
            .rememberMe()
                .rememberMeParameter("remember");
    }

    /**
     * Registers the in-memory users and their roles.
     *
     * <p>NOTE(review): the accounts are hard-coded and all share one weak password.
     * That is acceptable only for a demo; real credentials belong in a user store,
     * not in source code.
     *
     * @param auth the authentication manager builder supplied by Spring Security
     * @throws Exception if the users cannot be registered
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // The same encoder hashes the stored passwords and verifies logins.
        BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
        auth.inMemoryAuthentication()
                .passwordEncoder(bcrypt)
                // user name, BCrypt-hashed password, roles
                .withUser("xzb").password(bcrypt.encode("123456")).roles("vip1","vip2")
                .and()
                .withUser("123").password(bcrypt.encode("123456")).roles("vip2","vip3")
                .and()
                .withUser("456").password(bcrypt.encode("123456")).roles("vip1");
    }
}
页面:login
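<!-- Login / logout controls -->
<div class="right menu">
    <!-- Rendered only when the visitor is NOT authenticated -->
    <div sec:authorize="!isAuthenticated()">
        <a class="item" th:href="@{/toLogin}">
            <i class="address card icon"></i> 登录
        </a>
    </div>
    <!-- Rendered only when the visitor IS authenticated -->
    <div sec:authorize="isAuthenticated()">
        <a class="item">
            用户名:<span sec:authentication="name"></span><!-- name of the current user -->
            <!--权限:<span sec:authentication="principal.getAuthorities()"></span>-->
        </a>
        <!--
            Logout is submitted as a POST form instead of a GET link. With CSRF
            protection enabled (the security config on this page never disables it),
            Spring Security's default logout endpoint only accepts POST, so a plain
            link to /logout does not log the user out. Because the form uses
            th:action, the CSRF token field is added to it automatically, and CSRF
            protection can stay on.
        -->
        <form class="item" th:action="@{/logout}" method="post">
            <button type="submit" class="ui button">
                <i class="sign-out icon"></i> 注销
            </button>
        </form>
    </div>
</div>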
页面:login
<!-- Login form: posts the credentials to /login, the loginProcessingUrl set in the security config. -->
<!-- NOTE(review): with th:action and method="post" the CSRF token field is expected to be added automatically while CSRF protection is enabled. Confirm in the rendered HTML. -->
<form th:action="@{/login}" method="post">
<div class="field">
<label>Username</label>
<div class="ui left icon input">
<input type="text" placeholder="Username" name="username"><!-- name must be "username", the parameter form login reads by default -->
<!-- To use other field names, configure http.formLogin().usernameParameter("...").passwordParameter("..."); -->
<i class="user icon"></i>
</div>
</div>
<div class="field">
<label>Password</label>
<div class="ui left icon input">
<input type="password" name="password"><!-- name must be "password", the parameter form login reads by default -->
<i class="lock icon"></i>
</div>
</div>
<input type="checkbox" name="remember">记住我<!-- name must match the rememberMeParameter set in the security config -->
<!-- i.e. http.rememberMe().rememberMeParameter("remember"); -->
<input type="submit" class="ui blue submit button"/>
</form>
其他页面:
level1/1.html 2.html 3.html
level2/1.html 2.html 3.html
level3/1.html 2.html 3.html