添加了登录成功处理
1、Maven增加依赖
<!-- Used for logback's database logging. -->
<!-- NOTE(review): the logback.xml in step 2 connects through DriverManagerConnectionSource, which does not reference commons-dbcp. Confirm this dependency is actually needed; commons-dbcp 1.4 is a legacy 1.x release, so leave it off the classpath if nothing uses it. -->
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
<version>1.4</version>
</dependency>
2、修改logback.xml中的设定
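<?xml version="1.0" encoding="UTF-8"?>
<configuration debug="false">
    <!-- Directory where log files are stored. Do not use relative paths in the logback configuration. -->
    <!-- <property name="LOG_HOME" value="/home" />-->
    <property name="LOG_HOME" value="D:/chenlog" />

    <!-- Console log: writes to standard output. -->
    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
            <!-- Pattern: %d is the date, %thread the thread name, %-5level the level left-aligned to 5 characters, %msg the log message, %n a line break. -->
            <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n</pattern>
        </encoder>
    </appender>

    <!-- File log: one log file per day. -->
    <!-- NOTE(review): TimeBasedRollingPolicy also acts as the appender's triggering policy, so the separate SizeBasedTriggeringPolicy below may not take effect. Logback offers SizeAndTimeBasedRollingPolicy for combined date and size rollover; confirm against the logback version in use. -->
    <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
            <!-- Name pattern of the rolled log files. -->
            <FileNamePattern>${LOG_HOME}/TestWeb.log.%d{yyyy-MM-dd}.log</FileNamePattern>
            <!-- Number of days of log files to keep. -->
            <MaxHistory>30</MaxHistory>
        </rollingPolicy>
        <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
            <!-- Pattern: %d is the date, %thread the thread name, %-5level the level left-aligned to 5 characters, %msg the log message, %n a line break. -->
            <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n</pattern>
        </encoder>
        <!-- Maximum size of a log file. -->
        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
            <MaxFileSize>10MB</MaxFileSize>
        </triggeringPolicy>
    </appender>

    <!-- Database log: writes log events to the logging_event* tables. -->
    <!-- NOTE(review): the user and password below are sample values kept in plaintext. Do not commit real credentials in this file. Prefer a dedicated account limited to INSERT on the three logging tables instead of root, and supply the values through logback variable substitution, e.g. ${DB_USER} and ${DB_PASSWORD} (constructed names). -->
    <!-- NOTE(review): useSSL=false is only reasonable while the database stays on the loopback address; enable TLS if it moves to another host. -->
    <appender name="DB" class="ch.qos.logback.classic.db.DBAppender">
        <connectionSource class="ch.qos.logback.core.db.DriverManagerConnectionSource">
            <driverClass>com.mysql.cj.jdbc.Driver</driverClass>
            <!-- Each '&' in the JDBC URL is written as &amp; because a bare ampersand is not well-formed XML and makes the file unparseable. -->
            <url>jdbc:mysql://127.0.0.1:3306/shujuku?useSSL=false&amp;useUnicode=true&amp;characterEncoding=UTF-8&amp;serverTimezone=UTC</url>
            <user>root</user>
            <password>mima</password>
        </connectionSource>
        <!--
        <filter class="ch.qos.logback.classic.filter.LevelFilter">
        <level>info</level>
        <onMatch>ACCEPT</onMatch>
        <onMismatch>DENY</onMismatch>
        </filter>
        -->
    </appender>

    <!-- Root log level and the appenders every event is sent to. -->
    <!--<root level="DEBUG">-->
    <root level="INFO">
        <appender-ref ref="STDOUT" />
        <appender-ref ref="FILE"/>
        <appender-ref ref="DB"/>
    </root>
</configuration>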
3、创建数据记录表
-- Creates the three tables that the DB appender configured in logback.xml writes to (MySQL).
-- WARNING: the DROP statements below delete any existing log tables together with their rows.
-- Back up existing audit records before re-running this script.
-- The child tables are dropped before logging_event because they reference it by foreign key.
-- NOTE(review): in MySQL, DDL statements commit implicitly, so the BEGIN/COMMIT pairs
-- presumably do not make these steps atomic; confirm for the target database.
BEGIN;
DROP TABLE IF EXISTS logging_event_property;
DROP TABLE IF EXISTS logging_event_exception;
DROP TABLE IF EXISTS logging_event;
COMMIT;
BEGIN;
-- One row per log event.
-- NOTE(review): formatted_message will contain request-derived text (the login handlers log an IP
-- taken from request headers), so treat it as untrusted when displaying or exporting it.
CREATE TABLE logging_event
(
timestmp BIGINT NOT NULL,
formatted_message TEXT NOT NULL,
logger_name VARCHAR(254) NOT NULL,
level_string VARCHAR(254) NOT NULL,
thread_name VARCHAR(254),
reference_flag SMALLINT,
arg0 VARCHAR(254),
arg1 VARCHAR(254),
arg2 VARCHAR(254),
arg3 VARCHAR(254),
caller_filename VARCHAR(254) NOT NULL,
caller_class VARCHAR(254) NOT NULL,
caller_method VARCHAR(254) NOT NULL,
caller_line CHAR(4) NOT NULL,
event_id BIGINT NOT NULL AUTO_INCREMENT PRIMARY KEY
);
COMMIT;
BEGIN;
-- Key/value properties attached to an event; keyed by (event_id, mapped_key).
CREATE TABLE logging_event_property
(
event_id BIGINT NOT NULL,
mapped_key VARCHAR(254) NOT NULL,
mapped_value TEXT,
PRIMARY KEY(event_id, mapped_key),
FOREIGN KEY (event_id) REFERENCES logging_event(event_id)
);
COMMIT;
BEGIN;
-- Exception trace lines for an event; i is the line index within the event.
CREATE TABLE logging_event_exception
(
event_id BIGINT NOT NULL,
i SMALLINT NOT NULL,
trace_line VARCHAR(254) NOT NULL,
PRIMARY KEY(event_id, i),
FOREIGN KEY (event_id) REFERENCES logging_event(event_id)
);
COMMIT;
4、添加成功处理的类
import com.chenclass.xabest.utils.IPUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
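@Component("myAuthenticationSuccessHandler")
public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    /**
     * Writes a login audit record and redirects the browser to {@code /index}.
     *
     * <p>The {@link Authentication} object wraps the authentication details; its concrete
     * type differs depending on the login method. The superclass implementation is not
     * called, so the saved-request redirect it provides is not used: every successful
     * login lands on {@code /index}.
     *
     * @param request        the request that carried the successful login
     * @param response       the response used to issue the redirect
     * @param authentication the authenticated principal
     * @throws ServletException declared by the handler contract
     * @throws IOException      if the redirect cannot be sent
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws ServletException, IOException {
        // The address comes from IPUtils, which reads proxy headers a client can set itself;
        // it is context for the audit trail, not proof of origin.
        String ip = IPUtils.getIpAddr(request);

        // Record which account logged in as well as from where: an audit line holding only
        // an IP cannot be tied to an account during an investigation.
        logger.warn(ip + "登录, user=" + authentication.getName());

        response.setContentType("application/json;charset=UTF-8");
        response.sendRedirect("/index");
    }
}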
5、添加失败处理的类
import com.chenclass.xabest.utils.IPUtils;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
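@Component("myAuthenctiationFailureHandler")
public class MyAuthenctiationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

    /**
     * Logs a failed login attempt and redirects back to the login page.
     *
     * <p>An exception whose message is {@code "jiaoyanmaerror"} is treated as a failed
     * verification code and redirects to {@code /login?codeerror=true}; every other failure
     * redirects to {@code /login?error=true}. The exception message itself is never echoed
     * into the redirect URL, so the page cannot be used to reflect attacker-chosen text.
     *
     * @param request   the request that carried the failed login
     * @param response  the response used to issue the redirect
     * @param exception the reason authentication failed
     * @throws IOException      if the redirect cannot be sent
     * @throws ServletException declared by the handler contract
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
            AuthenticationException exception) throws IOException, ServletException {
        // The address comes from IPUtils, which reads proxy headers a client can set itself;
        // it is context for the audit trail, not proof of origin.
        String ip = IPUtils.getIpAddr(request);
        response.setContentType("application/json;charset=UTF-8");

        // Constant-first comparison: getMessage() may return null, and calling equals() on it
        // would turn a failed login into a NullPointerException instead of a redirect.
        boolean codeFailure = "jiaoyanmaerror".equals(exception.getMessage());

        // Log before redirecting in both branches so the audit record is written even if
        // sending the redirect fails.
        if (codeFailure) {
            logger.warn(ip + "登录,校验码失败");
            response.sendRedirect("/login?codeerror=true");
        } else {
            logger.warn(ip + "登录,用户或密码错误");
            response.sendRedirect("/login?error=true");
        }
    }
}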
6、WebSecurityConfig中添加
import com.chenclass.xabest.filter.OpenIdAuthenticationFilter;
import com.chenclass.xabest.security.CustomUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
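@Configuration
@EnableWebSecurity // enables Spring Security's web security support
// WebSecurityConfigurerAdapter: override its methods to customise the web security details
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private CustomUserService customUserService;

    @Autowired
    MyAuthenctiationFailureHandler myAuthenctiationFailureHandler;

    @Autowired
    MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;

    /**
     * Password encoder used to hash and verify user passwords (BCrypt).
     *
     * <p>Author's note: MD5 is not secure enough and its encoder was removed in Spring 5;
     * the no-op (plaintext) encoder was likewise abandoned in favour of BCrypt.
     *
     * @return a new BCrypt password encoder
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Defines which URLs are protected, the login/logout flow and the response headers.
     *
     * @param http the security builder to configure
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.addFilter(openIdAuthenticationFilter());
        http
            .authorizeRequests() // defines which URLs need protection and which do not
            // URLs reachable without authentication.
            // NOTE(review): "/login**" and "/defaultKaptcha**" also match any path that merely
            // starts with those prefixes; confirm nothing sensitive is mapped under them.
            .antMatchers("/layuiadmin/**", "/reg/**", "/defaultKaptcha**", "/login**").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage("/login") // page the user is sent to when a login is required
            .permitAll()
            .and().logout().logoutSuccessUrl("/login") // logout
            .and()
            .logout()
            .permitAll();

        // NOTE(review): CSRF protection is switched off for the whole application, including
        // the login and logout endpoints. It is left as the author configured it because
        // enabling it requires every form to send the CSRF token; plan to re-enable it once
        // the pages do.
        http.csrf().disable();

        // The successHandler call replaces the handler installed by defaultSuccessUrl, so the
        // custom handler decides the redirect target.
        http.formLogin()
            .defaultSuccessUrl("/index")
            .successHandler(myAuthenticationSuccessHandler)
            .failureHandler(myAuthenctiationFailureHandler);

        // The pages are shown inside frames of the same site, which the default
        // X-Frame-Options: DENY blocks. Allowing same-origin framing fixes that without
        // removing the header entirely, which would let any other site frame these pages
        // (clickjacking).
        http.headers().frameOptions().sameOrigin();
    }

    /**
     * Registers the custom user service and the password encoder with the authentication
     * manager, so users are loaded through {@code customUserService} and their passwords
     * are verified with BCrypt.
     *
     * @param auth the authentication manager builder
     * @throws Exception if the configuration cannot be applied
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(customUserService).passwordEncoder(passwordEncoder());
    }

    /**
     * Builds the custom login authentication filter.
     *
     * @return the configured filter
     * @throws Exception if the authentication manager cannot be obtained
     */
    public OpenIdAuthenticationFilter openIdAuthenticationFilter() throws Exception {
        OpenIdAuthenticationFilter filter = new OpenIdAuthenticationFilter();
        filter.setAuthenticationManager(authenticationManager());
        // Only POST requests to /login are intercepted.
        filter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
        filter.setAuthenticationSuccessHandler(myAuthenticationSuccessHandler);
        // Failures raised by this filter must go through the custom failure handler as well;
        // otherwise they are neither written to the audit log nor redirected to the login
        // page. Assumes the filter inherits the standard setter, as the success setter
        // above suggests; verify against OpenIdAuthenticationFilter.
        filter.setAuthenticationFailureHandler(myAuthenctiationFailureHandler);
        return filter;
    }
}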
7、添加日志查找IP的工具类
import javax.servlet.http.HttpServletRequest;
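public class IPUtils {

    /** Longest textual IP form accepted (an IPv4-mapped IPv6 address is 45 characters). */
    private static final int MAX_IP_LENGTH = 45;

    /** Proxy headers consulted, in order, before falling back to the socket address. */
    private static final String[] PROXY_HEADERS = {"x-forwarded-for", "Proxy-Client-IP", "WL-Proxy-Client-IP"};

    /**
     * Returns the client IP address of a request.
     *
     * <p>Behind a reverse proxy such as Nginx, {@code request.getRemoteAddr()} yields the
     * proxy's address, so the proxy headers are consulted first. With several proxies in
     * the chain, {@code X-Forwarded-For} holds a comma-separated list of addresses; the
     * first entry that is not {@code unknown} is taken as the client address.
     *
     * <p>These headers are sent by the client unless a trusted proxy overwrites them, so
     * the result is suitable as logging context only and must not drive access decisions.
     * A header whose first entry is not shaped like an IP address is ignored, which keeps
     * arbitrary client-supplied text out of the log file and the log database.
     *
     * @param request the current HTTP request
     * @return the first plausible address from the proxy headers, otherwise the remote
     *         address of the connection; the IPv6 loopback form is reported as 127.0.0.1
     */
    public static String getIpAddr(HttpServletRequest request) {
        String ip = null;
        for (String header : PROXY_HEADERS) {
            ip = firstAddress(request.getHeader(header));
            if (ip != null) {
                break;
            }
        }
        if (ip == null) {
            ip = request.getRemoteAddr();
        }
        return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : ip;
    }

    /** Returns the first non-"unknown" entry of a comma-separated header, or null if it is absent or malformed. */
    private static String firstAddress(String headerValue) {
        if (headerValue == null) {
            return null;
        }
        for (String part : headerValue.split(",")) {
            String candidate = part.trim();
            if (candidate.isEmpty() || "unknown".equalsIgnoreCase(candidate)) {
                continue;
            }
            // The left-most real entry is the claimed client; if it is malformed the whole
            // header is distrusted rather than falling through to a later entry.
            return looksLikeIp(candidate) ? candidate : null;
        }
        return null;
    }

    /** Shape check only: bounded length and nothing but hex digits, dots and colons. */
    private static boolean looksLikeIp(String value) {
        if (value.length() > MAX_IP_LENGTH) {
            return false;
        }
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean allowed = (c >= '0' && c <= '9')
                    || (c >= 'a' && c <= 'f')
                    || (c >= 'A' && c <= 'F')
                    || c == '.'
                    || c == ':';
            if (!allowed) {
                return false;
            }
        }
        return true;
    }
}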