随笔记录
demo目前在Spring Boot 中整合了Security,Mybatis,SQLite等组件
1.Maven中的POM文件
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.java.zn</groupId>
<artifactId>security-demo01</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<name>security-demo01</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
<spring.version>1.5.7.RELEASE</spring.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<artifactId>hibernate-validator</artifactId>
<groupId>org.hibernate</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-websocket</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.40</version>
</dependency>
<!--mybatis -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>1.3.1</version>
<exclusions>
<exclusion>
<artifactId>tomcat-jdbc</artifactId>
<groupId>org.apache.tomcat</groupId>
</exclusion>
</exclusions>
</dependency>
<!--mapper -->
<dependency>
<groupId>tk.mybatis</groupId>
<artifactId>mapper-spring-boot-starter</artifactId>
<version>1.1.4</version>
</dependency>
<dependency>
<groupId>org.xerial</groupId>
<artifactId>sqlite-jdbc</artifactId>
<version>3.7.2</version><!--$NO-MVN-MAN-VER$ -->
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.0.18</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
<scope>true</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<exclusions>
<exclusion>
<artifactId>android-json</artifactId>
<groupId>com.vaadin.external.google</groupId>
</exclusion>
</exclusions>
<optional>true</optional>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.8</source>
<target>1.8</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${spring.version}</version>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
<configuration>
<mainClass>com.java.zn.App</mainClass>
<fork>true</fork>
<addResources>true</addResources>
</configuration>
</plugin>
</plugins>
</build>
</project>
2.入口类增加Mybatis相关扫描注解
@MapperScan(basePackages = {"com.java.zn.authentication.mybatis"}, sqlSessionFactoryRef = "sqlSessionFactory")
3.appliaaction.yml文件整体配置
server:
port: 8090
compression:
mime-types: text/html,text/xml,text/plain,text/css,text/javascript,application/javascript
min-response-size: 2048
session:
timeout: 900
tomcat:
accesslog:
enabled: true
logging:
file: security.log
level: debug
path: /log
org.springframework.security: debug
spring:
aop:
auto: true
cache:
ehcache:
config: conf/ehcache.xml
thymeleaf:
cache: false
mode: HTML5
suffix: .html
prefix: classpath:/templates/
datasource:
name: test
url: jdbc:sqlite::resource:data/sql.db
username:
password:
type: com.alibaba.druid.pool.DruidDataSource
driver-class-name: org.sqlite.JDBC
filters: stat,wall,log4j
maxActive: 20
initialSize: 1
maxWait: 60000
minIdle: 1
timeBetweenEvictionRunsMillis: 60000
minEvictableIdleTimeMillis: 300000
validationQuery: select 1
testWhileIdle: false
testOnBorrow: false
testOnReturn: false
poolPreparedStatements: true
maxOpenPreparedStatements: 20
mybatis:
mapper-locations: classpath:mapper/*/*.xml
4.创建authentication包,进行security的相关配置类
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/common/**","/login").permitAll().anyRequest().authenticated()
.and()
.formLogin().loginPage("/login").failureUrl("/login-error").defaultSuccessUrl("/index").usernameParameter("username")
.passwordParameter("password").permitAll()
.and()
.logout().permitAll()
.and()
.sessionManagement().maximumSessions(1).expiredUrl("/login");
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//内存模式
//auth.inMemoryAuthentication().withUser("user").password("123456").roles("USER");
auth.userDetailsService(getUserDetailsService()).passwordEncoder(new Md5PasswordEncoder());
}
@Bean
public CustomUserDetailsService getUserDetailsService() {
return new CustomUserDetailsService();
}
}
5.自定义管理类
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private LoginMapper lMapper;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
System.out.println(s);
UserSession userSession = lMapper.getUserSessionInfoByUser(s);
System.out.println(JSON.toJSONString(userSession));
ProUser user = new ProUser(userSession.getGuid(), userSession.getUser(), userSession.getPassword(), "1".equals(userSession.getEnable()) ? true : false);
return user;
}
}
到这里Security的相关配置阶段完成。