Security有两种登陆模式:
1、Basic登陆模式
2、formLogin()登陆模式
创建一个Springboot项目
添加Pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.1.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>springabc</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springabc</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
设置端口号
server.port=8080
启动EnableWebSecurity
package com.example.springabc;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@SpringBootApplication
@EnableWebSecurity
public class SpringabcApplication {
public static void main(String[] args) {
SpringApplication.run(SpringabcApplication.class, args);
}
}
创建SecurityCofig
package com.example.springabc.securityConfig;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;
/**
* @ClassName SecurityCofig
* @Description TODO
* @Author zhurongfei
* @Data 2020/7/14 17:23
* Version 1.0
**/
@Component
public class SecurityCofig extends WebSecurityConfigurerAdapter {
/**
* 添加账户
* @param auth
* @throws Exception
*/
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//添加用户信息和权限
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("zrf").password(new BCryptPasswordEncoder().encode("zrf")).authorities("find");//添加用户名和密码 authorities权限名称
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("admin").password(new BCryptPasswordEncoder().encode("admin")).authorities("insert");//添加用户名和密码
}
/**
* 拦截登陆请求
* @param http
* @throws Exception
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().
antMatchers("/**d").fullyAuthenticated().and().httpBasic();
// http.authorizeRequests().
// antMatchers("/**d").fullyAuthenticated().and().formLogin();
}
}
然后创建Controller
package com.example.springabc.controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* @ClassName findUser
* @Description TODO
* @Author zhurongfei
* @Data 2020/7/14 17:20
* Version 1.0
**/
@RestController
public class findUser {
@RequestMapping("find")
public String find(){
return "查询成功!有查询权限";
}
@RequestMapping("insert")
public String insert(){
return "插入成功!有权限插入";
}
}
这就是basic模式