可能网上已经有重复的代码了,以下纯粹是为了记录自己的程序小人生。也希望能帮到小白,不喜勿喷。大神可以给指点一下,欢迎骚扰!!!
1.SecurityConfiguration.java代码
import com.pactera.unilever.kanban.api.web.utils.JBCryptUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
import javax.sql.DataSource;
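/**
 * Spring Security configuration that protects the application with HTTP Basic authentication.
 *
 * <p>Credentials are resolved through the injected {@link UserDetailsService} and compared by a
 * {@link PasswordEncoder} that delegates to {@code JBCryptUtils}.
 *
 * <p>Created by 屈想顺 on 2018/6/4.
 */
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Registers the {@link UserDetailsService} together with the JBCryptUtils-backed encoder.
     *
     * @param auth builder for the authentication manager used by this adapter
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(jbcryptPasswordEncoder());
    }

    /**
     * Builds the encoder that hands password hashing and verification to {@code JBCryptUtils}.
     *
     * <p>NOTE(review): presumably JBCryptUtils wraps jBCrypt (salted, adaptive hashing rather than
     * reversible encryption) — confirm the work factor it uses.
     */
    private static PasswordEncoder jbcryptPasswordEncoder() {
        return new PasswordEncoder() {
            @Override
            public String encode(CharSequence rawPassword) {
                if (rawPassword == null) {
                    throw new IllegalArgumentException("rawPassword cannot be null");
                }
                // The contract passes a CharSequence; a (String) cast fails for any other implementation.
                return JBCryptUtils.encrypt(rawPassword.toString());
            }

            @Override
            public boolean matches(CharSequence rawPassword, String encodedPassword) {
                // Fail closed: a missing password or an empty stored hash never authenticates.
                if (rawPassword == null || encodedPassword == null || encodedPassword.isEmpty()) {
                    return false;
                }
                return JBCryptUtils.checkpw(rawPassword.toString(), encodedPassword);
            }
        };
    }

    /**
     * Configures JDBC-backed authentication against the {@code auth_user} table.
     *
     * <p>NOTE(review): Spring's default JDBC user service reads (username, password, enabled) from
     * the users query and (username, authority) from the authorities query; both queries below
     * select fewer columns, and no password encoder is set on this chain. Since
     * {@link #configure(AuthenticationManagerBuilder)} is also overridden, confirm whether this
     * global configuration is used at all before relying on it.
     *
     * @param auth the injected authentication manager builder
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource)
                // Parameterized lookups keyed by username.
                .authoritiesByUsernameQuery("select username FROM auth_user where username=?")
                .usersByUsernameQuery("select username, password FROM auth_user where username=?");
    }

    /**
     * Requires authentication for every request except the login endpoint and OPTIONS requests.
     *
     * @param http the web security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // HTTP Basic sends the credentials, only Base64-encoded, with every request:
                // serve this application over TLS only.
                .httpBasic()
                .and()
                .authorizeRequests()
                // The login endpoint is reachable without authentication.
                .antMatchers("/user/login").permitAll()
                // OPTIONS requests (e.g. CORS preflight) carry no credentials and must pass.
                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                // Everything else requires an authenticated user.
                .anyRequest().authenticated();
        // NOTE(review): CSRF protection is switched off. Browsers resend cached Basic credentials
        // automatically, so this is only appropriate when the callers are not browsers — confirm.
        http.csrf().disable();
    }
}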
2.UserDetailsServiceImpl.java
import com.pactera.unilever.kanban.core.dao.BasicAuthRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
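/**
 * {@link UserDetailsService} that loads accounts through {@link BasicAuthRepository}.
 *
 * <p>Created by 屈想顺 on 2018/6/6.
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private BasicAuthRepository basicAuthRepository;

    /**
     * Looks up the account for {@code username} and wraps it in a Spring Security user.
     *
     * <p>The returned user never carries granted authorities, so authorization can only
     * distinguish authenticated from anonymous callers.
     *
     * @param username the name presented by the client; passed to the repository as the client id
     * @return the user built from the first matching row
     * @throws UsernameNotFoundException if no row matches or the row lacks a username or password
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // Query the local store by username.
        List<Object[]> rows = basicAuthRepository.findBasicByClient_id(username);
        if (rows == null || rows.isEmpty()) {
            throw new UsernameNotFoundException("用户名不存在");
        }
        Object[] row = rows.get(0);
        // Fail closed on an incomplete record instead of surfacing a NullPointerException or
        // ArrayIndexOutOfBoundsException from the accesses below.
        if (row == null || row.length < 2 || row[0] == null || row[1] == null) {
            throw new UsernameNotFoundException("用户名不存在");
        }
        List<SimpleGrantedAuthority> authorities = new ArrayList<>();
        // The result must be org.springframework.security.core.userdetails.User.
        // NOTE(review): row[0] and row[1] are presumably the username and the stored password hash;
        // verify against the repository query.
        return new org.springframework.security.core.userdetails.User(
                row[0].toString(), row[1].toString(), authorities);
    }
}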
3.加上上面两个类,就集成了 basic auth 验证。注意:Basic 认证每次请求都会携带仅经 Base64 编码的用户名和密码,应只在 HTTPS 下使用。