Spring Security自定义设计理解

最新推荐文章于 2024-06-30 10:23:22 发布
最新推荐文章于 2024-06-30 10:23:22 发布
阅读量248 收藏 1
点赞数
分类专栏: 开发日记 文章标签: spring security
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_33704632/article/details/91362208
版权

研究了很久的Security,以下是我对它的一些理解,先贴上代码,本案例是给手机端做Rest接口,包括两种登录方式(用户名密码登录,短信验证码登录),结合JWT token安全验证。

主配置代码

package com.aiot.manager.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @author zhangwj
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    private String[] excludeUrl = {"/message/getCode/*", "/login/refreshToken"};

    @Autowired
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

    @Autowired
    private UserService userService;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new MyPasswordEncoder();
    }

    @Autowired
    private MobileCodeAuthProvider mobileCodeAuthProvider;

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Bean()
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    public MobileCodeAuthenticationFilter mobileCodeAuthenticationFilter() {
        MobileCodeAuthenticationFilter filter = new MobileCodeAuthenticationFilter();
        filter.setAuthenticationManager(authenticationManager);
        filter.setAuthenticationSuccessHandler(new GoAuthenticationSuccessHandler());
        filter.setAuthenticationFailureHandler(new GoAuthenticationFailureHandler());
        return filter;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                .httpBasic().authenticationEntryPoint(new GoAuthenticationEntryPoint()).and().authorizeRequests().antMatchers(excludeUrl).permitAll()
                .antMatchers("/**").authenticated().anyRequest().permitAll().and().formLogin().loginProcessingUrl("/login/password").usernameParameter("userName").passwordParameter("password")
                .successHandler(new GoAuthenticationSuccessHandler())
                .failureHandler(new GoAuthenticationFailureHandler()).permitAll().and().logout().logoutUrl("/login/out")
                .logoutSuccessHandler(new GoLogoutSuccessHandler());


        http.addFilter(mobileCodeAuthenticationFilter()).addFilter(jwtAuthenticationTokenFilter);

        http.exceptionHandling()
                .accessDeniedHandler(new GoAccessDeniedHandler());

    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        mobileCodeAuthProvider.setUserService(userService);
        auth.authenticationProvider(mobileCodeAuthProvider).userDetailsService(userService);
    }
}

 自定义短信验证filter

package com.aiot.manager.security;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

/**
 * 短信验证码
 * @author zhangwj
 */
public class MobileCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {

	public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "userName";
	public static final String SPRING_SECURITY_FORM_MSGCODE_KEY = "msgCode";

	private boolean postOnly = true;

	public MobileCodeAuthenticationFilter() {
		super(new AntPathRequestMatcher("/login/code", "POST"));
	}

	@Override
	public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
			throws AuthenticationException, IOException, ServletException {
		String key = "POST";
		if (postOnly && !key.equals(request.getMethod())) {
			throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
		}

		MobileCodeAuthenticationToken authRequest = new MobileCodeAuthenticationToken(getUserName(request),
				getMsgCode(request));
		setDetails(request, authRequest);
		return this.getAuthenticationManager().authenticate(authRequest);
	}

	protected String getUserName(HttpServletRequest request) {
		return request.getParameter(SPRING_SECURITY_FORM_USERNAME_KEY);
	}

	protected String getMsgCode(HttpServletRequest request) {
		return request.getParameter(SPRING_SECURITY_FORM_MSGCODE_KEY);
	}

	protected void setDetails(HttpServletRequest request, MobileCodeAuthenticationToken authRequest) {
		authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
	}
}

 

package com.aiot.manager.security;

import java.util.Collection;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.SpringSecurityCoreVersion;

/**
 * @author zhangwj
 */
public class MobileCodeAuthenticationToken extends AbstractAuthenticationToken {

	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;

	private final Object principal;
	private Object credentials;

	public MobileCodeAuthenticationToken(Object principal, Object credentials) {
		super(null);
		this.principal = principal;
		this.credentials = credentials;
	}

	public MobileCodeAuthenticationToken(Object principal, Object credentials,
			Collection<? extends GrantedAuthority> authorities) {
		super(authorities);
		this.principal = principal;
		this.credentials = credentials;
		super.setAuthenticated(true);
	}

	@Override
	public Object getCredentials() {
		return this.credentials;
	}

	@Override
	public Object getPrincipal() {
		return this.principal;
	}

	public void setCredentials(Object credentials) {
		this.credentials = credentials;
	}

}

package com.aiot.manager.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

/**
 * 手机短信登录验证
 *
 * @author zhangwj
 */
@Component
@PropertySource(value = {"classpath:config.properties"}, encoding = "UTF-8")
public class MobileCodeAuthProvider implements AuthenticationProvider {

    @Value(value = "${message.redis.key}")
    private String REDIS_KEY;

    private UserService userService;

    @Autowired
    private RedisTemplate<String, String> redisTemplate;

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        MobileCodeAuthenticationToken authenticationToken = (MobileCodeAuthenticationToken) authentication;
        String mobile = (String) authenticationToken.getPrincipal();
        String code = (String) authenticationToken.getCredentials();
        if (StringUtils.hasText(mobile) && StringUtils.hasText(code)) {
            String oldCode = redisTemplate.opsForValue().get(REDIS_KEY + mobile);
            if (StringUtils.hasText(oldCode)) {
                if (oldCode.equals(code)) {
                    UserDetails userDetails = userService.loadUserByUsername(mobile);
                    MobileCodeAuthenticationToken authenticationResult = new MobileCodeAuthenticationToken(userDetails, "",
                            userDetails.getAuthorities());
                    authenticationResult.setDetails(authenticationToken.getDetails());
                    return authenticationResult;
                }
            }
        }
        return null;
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return MobileCodeAuthenticationToken.class.isAssignableFrom(authentication);
    }


    public void setUserService(UserService userService) {
        this.userService = userService;
    }

}

配置验证后处理

package com.aiot.manager.security;

import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 如果用户已经通过身份验证,试图访问受保护的(该用户没有权限的)资源
 *
 * @author zhangwj
 */
public class GoAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.INSUFFICIENTAUTHORITY.getSubCode(),ESubCodeEnum.INSUFFICIENTAUTHORITY.getSubMsg())));
        response.getWriter().flush();
    }
}

 

package com.aiot.manager.security;

import com.aiot.manager.mvc.pojo.LoginUserPojo;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.aiot.manager.publics.util.JwtTokenUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/**
 * @author zhangwj
 */
@PropertySource(value = {"classpath:config.properties"}, encoding = "UTF-8")
public class GoAuthenticationSuccessHandler implements AuthenticationSuccessHandler {


    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        LoginUserPojo userDetails = (LoginUserPojo) authentication.getPrincipal();
        String access_token = JwtTokenUtils.generateToken(userDetails.getUsername(), userDetails.getUserRole(), false);
        String refresh_token = JwtTokenUtils.generateToken(userDetails.getUsername(), userDetails.getUserRole(), true);
        Map<String, String> map = new HashMap<>(6);
        map.put("user_name", userDetails.getUsername());
        map.put("user_role", userDetails.getUserRole());
        map.put("access_token", access_token);
        map.put("expires_in", JwtTokenUtils.EXPIRATION.toString());
        map.put("refresh_token", refresh_token);
        map.put("re_expires_in", JwtTokenUtils.REFRESH_EXPIRATION.toString());
        response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.LOGINSUCCESS.getSubCode(), ESubCodeEnum.LOGINSUCCESS.getSubMsg(), map)));
        response.getWriter().flush();
    }
}

package com.aiot.manager.security;

import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 如果身份验证失败时调用
 *
 * @author zhangwj
 */
public class GoAuthenticationFailureHandler implements AuthenticationFailureHandler {
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.VALIDATIONFAILED.getSubCode(), ESubCodeEnum.VALIDATIONFAILED.getSubMsg())));
        response.getWriter().flush();
    }
}

package com.aiot.manager.security;

import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 它负责启动未经过身份验证的用户的身份验证过程(当他们试图访问受保护的资源
 *
 * @author zhangwj
 */
public class GoAuthenticationEntryPoint implements AuthenticationEntryPoint {
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.CANNOTACCESS.getSubCode(), ESubCodeEnum.CANNOTACCESS.getSubMsg())));
        response.getWriter().flush();
    }
}

package com.aiot.manager.security;

import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 注销成功
 *
 * @author zhangwj
 */
public class GoLogoutSuccessHandler implements LogoutSuccessHandler {
    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.LOGOUTSUCCESS.getSubCode(), ESubCodeEnum.LOGOUTSUCCESS.getSubMsg())));
        response.getWriter().flush();
    }
}

JWT验证filter

package com.aiot.manager.security;

import com.aiot.manager.mvc.pojo.LoginUserPojo;
import com.aiot.manager.publics.response.ESubCodeEnum;
import com.aiot.manager.publics.response.ResultUtils;
import com.aiot.manager.publics.util.JwtTokenUtils;
import com.alibaba.fastjson.JSON;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 拦截token
 *
 * @author zhangwj
 */
@Component
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {

    @Autowired
    private UserService userService;

    private String tokenHeader = "authorization";

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        String authHeader = request.getHeader(tokenHeader);
        if (JwtTokenUtils.isTokenExpired(authHeader)) {
            response.setHeader("Content-Type", "application/json;charset=utf-8");
            response.getWriter().write(JSON.toJSONString(ResultUtils.success(ESubCodeEnum.TOKENEXPIRE.getSubCode(), ESubCodeEnum.TOKENEXPIRE.getSubMsg())));
            response.getWriter().flush();
            return;
        }
        String userName = JwtTokenUtils.getClaimKeyUserNameFromToken(authHeader);
        String userRole = JwtTokenUtils.getClaimKeyUserRoleFromToken(authHeader);
        if (StringUtils.hasText(userName) && StringUtils.hasText(userRole) && SecurityContextHolder.getContext().getAuthentication() == null) {
            LoginUserPojo userDetails = (LoginUserPojo) userService.loadUserByUsername(userName);
            if (userRole.equals(userDetails.getUserRole())) {
                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                SecurityContextHolder.getContext().setAuthentication(authentication);
            }
            filterChain.doFilter(request, response);
        }

    }
}

 其他配置代码

package com.aiot.manager.security;

import com.aiot.manager.publics.util.JwtTokenUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

/**
 * 自定义密码验证
 *
 * @author zhangwj
 */
public class MyPasswordEncoder implements PasswordEncoder {

    private static final Logger log = LoggerFactory.getLogger(MyPasswordEncoder.class);

    @Override
    public String encode(CharSequence rawPassword) {
        try {
            MessageDigest md5 = MessageDigest.getInstance("MD5");
            Base64.Encoder base64en = Base64.getEncoder();
            return base64en.encodeToString(md5.digest(rawPassword.toString().getBytes("utf-8")));
        } catch (NoSuchAlgorithmException e1) {
            log.error("密码加密失败:{}", e1);
            return null;
        } catch (UnsupportedEncodingException e2) {
            log.error("密码加密失败:{}", e2);
            return null;
        }
    }

    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        if (this.encode(rawPassword).equals(encodedPassword)) {
            return true;
        }
        return false;
    }
}

 

package com.aiot.manager.security;

import com.aiot.manager.mvc.dao.LoginUserDao;
import com.aiot.manager.mvc.pojo.LoginUserPojo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

/**
 * @author zhangwj
 */
@Service
public class UserService implements UserDetailsService {

    @Autowired
    private LoginUserDao loginUserDao;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        if (StringUtils.hasText(username)) {
            LoginUserPojo loginUserPojo = loginUserDao.getLoginUserByUserName(username);
            if (loginUserPojo != null) {
                return loginUserPojo;
            }
        }
        throw new UsernameNotFoundException("用户不存在");
    }
}

package com.aiot.manager.publics.util;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.apache.tomcat.util.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

/**
 * JWT工具类
 *
 * @author zhangwj
 */

public class JwtTokenUtils implements Serializable {

    private static final Logger log = LoggerFactory.getLogger(JwtTokenUtils.class);

    private static final String CLAIM_KEY_USERNAME = "userName";
    private static final String CLAIM_KEY_USER_ROLE = "userRole";
    private static final long serialVersionUID = -8305152446124853696L;
    private static final SignatureAlgorithm JWT_ALG = SignatureAlgorithm.HS256;
    private static final String JWT_RULE = "jwt_role";
    private static final String ISS_USER = "leShare";
    public static final Long EXPIRATION = 50L;
    public static final Long REFRESH_EXPIRATION = 172800L;
    private static final String TOKEN_HEAD = "Bearer ";

    /**
     * 从数据声明生成令牌
     *
     * @param
     * @return
     */
    public static String generateToken(final String userName, final String userRole, boolean rememberMe) {
        try {
            Map<String, Object> claims = new HashMap<>(2);
            claims.put(CLAIM_KEY_USERNAME, userName);
            claims.put(CLAIM_KEY_USER_ROLE, userRole);
            return TOKEN_HEAD + generateToken(claims, rememberMe);
        } catch (Exception e) {
            log.error("创建token失败:{}", e);
            return null;
        }
    }

    public static String getClaimKeyUserNameFromToken(String token) {
        String subject;
        try {
            final Claims claims = getClaimsFromToken(token);
            subject = claims.get(CLAIM_KEY_USERNAME).toString();
        } catch (Exception e) {
            subject = null;
        }
        return subject;
    }

    public static String getClaimKeyUserRoleFromToken(String token) {
        String subject;
        try {
            final Claims claims = getClaimsFromToken(token);
            subject = claims.get(CLAIM_KEY_USER_ROLE).toString();
        } catch (Exception e) {
            subject = null;
        }
        return subject;
    }

    private static Claims getClaimsFromToken(String token) {
        try {
            if (StringUtils.hasText(token) && token.startsWith(TOKEN_HEAD)) {
                String newToken = token.substring(TOKEN_HEAD.length());
                SecretKey key = generalKey(JWT_ALG, JWT_RULE);
                return Jwts.parser().setSigningKey(key).parseClaimsJws(newToken).getBody();
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    private static Date generateExpirationDate(Long time, Long expiration) {
        return new Date(time + expiration * 1000);
    }

    private static String generateToken(Map<String, Object> claims, boolean rememberMe) {
        long nowMillis = System.currentTimeMillis();
        Date now = new Date(nowMillis);
        SecretKey key = generalKey(JWT_ALG, JWT_RULE);
        Long expiration = EXPIRATION;
        if (rememberMe) {
            expiration = REFRESH_EXPIRATION;
        }
        return Jwts.builder().setClaims(claims).setId(UUID.randomUUID().toString())
                .setIssuedAt(now).setIssuer(ISS_USER).setExpiration(generateExpirationDate(nowMillis, expiration))
                .signWith(JWT_ALG, key).compact();
    }

    private static SecretKey generalKey(SignatureAlgorithm alg, String rule) {
        byte[] encodedKey = Base64.decodeBase64(rule);
        return new SecretKeySpec(encodedKey, alg.getJcaName());
    }

    /**
     * 验证token是否过期
     *
     * @param token
     * @return
     */
    public static boolean isTokenExpired(String token) {
        try {
            Claims claims = getClaimsFromToken(token);
            Date expiration = claims.getExpiration();
            return expiration.before(new Date());
        } catch (RuntimeException e) {
            return true;
        }
    }

}

package com.aiot.manager.publics.response;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.annotation.JSONField;

import java.io.Serializable;

/**
 * API基础响应信息。
 *
 * @param <T>
 * @author zhangwj
 */
public class ResultUtils<T> implements Serializable {

    private static final long serialVersionUID = 1L;

    /**
     * 网关code
     */
    @JSONField(name = "code")
    private String code;

    /**
     * 网关msg
     */
    @JSONField(name = "msg", ordinal = 1)
    private String msg;

    /**
     * 业务code
     */
    @JSONField(name = "sub_code", ordinal = 2)
    private String subCode;

    /**
     * 业务msg
     */
    @JSONField(name = "sub_msg", ordinal = 3)
    private String subMsg;

    /**
     * 业务data
     */
    @JSONField(name = "data", ordinal = 4)
    private T data;

    public static <T> ResultUtils<T> success(String subCode, String subMsg, T data) {
        return new ResultUtils<T>(ECodeEnum.SUCCESS.getCode(), ECodeEnum.SUCCESS.getMsg(), subCode, subMsg, data);
    }

    public static <T> ResultUtils<T> success(String subCode, String subMsg) {
        return new ResultUtils<T>(ECodeEnum.SUCCESS.getCode(), ECodeEnum.SUCCESS.getMsg(), subCode, subMsg, null);
    }

    public static <T> ResultUtils<T> fail(String subCode, String subMsg) {
        return new ResultUtils<T>(ECodeEnum.FAIL.getCode(), ECodeEnum.FAIL.getMsg(), subCode, subMsg, null);
    }

    public static <T> ResultUtils<T> fail(String subCode, String subMsg, T data) {
        return new ResultUtils<T>(ECodeEnum.FAIL.getCode(), ECodeEnum.FAIL.getMsg(), subCode, subMsg, data);
    }

    public ResultUtils() {
        super();
    }

    private ResultUtils(String code, String msg, String subCode, String subMsg, T data) {
        super();
        this.code = code;
        this.msg = msg;
        this.subCode = subCode;
        this.subMsg = subMsg;
        this.data = data;
    }

    public String getCode() {
        return code;
    }

    public void setCode(String code) {
        this.code = code;
    }

    public String getMsg() {
        return msg;
    }

    public void setMsg(String msg) {
        this.msg = msg;
    }

    public String getSubCode() {
        return subCode;
    }

    public void setSubCode(String subCode) {
        this.subCode = subCode;
    }

    public String getSubMsg() {
        return subMsg;
    }

    public void setSubMsg(String subMsg) {
        this.subMsg = subMsg;
    }

    public T getData() {
        return data;
    }

    public void setData(T data) {
        this.data = data;
    }

    public static void main(String[] args) {
        System.out.println(JSON.toJSONString(
                ResultUtils.success(ESubCodeEnum.LOGINFAIL.getSubCode(), ESubCodeEnum.LOGINFAIL.getSubMsg())));
    }
}

package com.aiot.manager.publics.response;

/**
 * @author zhangwj
 */
public enum ECodeEnum {

	SUCCESS("10000", "Success"), FAIL("10001", "Service Currently Unavailable");

	private String code;
	private String msg;

	ECodeEnum(String code, String msg) {
		this.code = code;
		this.msg = msg;
	}

	public String getCode() {
		return code;
	}

	public void setCode(String code) {
		this.code = code;
	}

	public String getMsg() {
		return msg;
	}

	public void setMsg(String msg) {
		this.msg = msg;
	}

}

package com.aiot.manager.publics.response;

/**
 * @author zhangwj
 */
public enum ESubCodeEnum {
    SUCCESS("20000", "操作成功"), FAIL("20001", "操作失败"),
    LOGINSUCCESS("20002", "登录成功"), LOGINFAIL("20003", "登录失败"),
    INSUFFICIENTAUTHORITY("20004", "权限不足"),
    CANNOTACCESS("20005", "无法访问"), VALIDATIONFAILED("20006", "验证失败"),
    LOGOUTSUCCESS("20007", "注销成功"), TOKENEXPIRE("20008", "授权过期"),
    REFRESHTOKENSUCCESS("20009", "重新授权成功"), REFRESHTOKENFAIL("20010", "重新授权失败");

    private ESubCodeEnum(String subCode, String subMsg) {
        this.subCode = subCode;
        this.subMsg = subMsg;
    }

    private String subCode;
    private String subMsg;

    public String getSubCode() {
        return subCode;
    }

    public void setSubCode(String subCode) {
        this.subCode = subCode;
    }

    public String getSubMsg() {
        return subMsg;
    }

    public void setSubMsg(String subMsg) {
        this.subMsg = subMsg;
    }

}

 

不知名的工程师
关注
专栏目录
Spring security 自定义密码加密方式的使用范例。
09-15
Spring Security 是一个强大的Java安全框架,...通过这个项目,你可以深入理解Spring Security的工作原理,并学习如何自定义其核心组件。如果你对码云不熟悉,也可以选择其他版本控制系统,如Git,进行代码托管和协作。
spring mvc 和spring security自定义登录
05-14
综上所述,结合Spring MVC和Spring Security实现自定义登录,需要理解两者的基本原理,配置合适的过滤器、认证提供者和授权规则。通过这种方式,我们可以创建一个既安全又易于维护的Web应用程序,为用户提供安全的...
盘点 Spring Security框架中的八大经典设计模式
linjingyg的博客
08-09 447
  等等,类似的很多,我就不一一赘述了。   松哥的 Spring Security 还在持续连载中,未来连载完了还会总结出更多的设计模式,这里先列出来八个和小伙伴们分享,如果小伙伴们有自己的见解,也欢迎留言补充。...
spring-security安全框架(超精细版附带流程讲解图)
最新发布
边走、边悟、迟早变好
06-30 4387
用户认证指的是:验证某个用户是否为系统中的合法主体,也就是说用户能否访问该系统。用户认证一般要求用户提供用户名和密码。系统通过校验用户名和密码来完成认证过程。 通俗点说就是系统认为用户是否能登录。 用户授权指的是验证某个用户是否有权限执行某个操作。在一个系统中,不同用户所具有的权限是不同的。比如对一个文件来说,有的用户只能进行读取,而有的用户可以进行修改。一般来说,系统会为不同的用户分配不同的角色,而每个角色则对应一系列的权限。 通俗点讲就是系统判断用户是否有权限去做某些事情。
Spring Security下你要怎么设计表结构?
bangiao的博客
06-06 568
权限是资源的集合, 这里的资源指的是软件中所有的内容,包括模块、菜单、页面、字段、操作功能(增删改查)等等。页面权限、操作权限和数据权限**页面权限:**所有系统都是由一个个的页面组成,页面再组成模块,用户是否能看到这个页面的菜单、是否能进入这个页面就称为页面权限。客户列表、客户黑名单、客户审批页面组成了客户管理这个模块。对于普通用户,不能进行审批操作,即无客户审批页面权限,在他的账号登录后侧边导航栏只显示客户列表、客户黑名单两个菜单。
SpringSecurity设计流程
TeeGm的博客
12-04 544
认证:验证当前访问系统的是不是本系统的用户,并且要确认具体是哪个用户; 授权:认证成功后确定当前用户有没有权限进行某个操作依赖 2. 认证 校验基本流程图 其实security的核心就是一个个过滤器,对于登录/资源访问的时携带内容的校验; 上个最简单的原理图(简单案例中几个比较重要的过滤器) UsernamePasswordAuthenticationFilter:当客户端填写了用户名、密码的时候,由他进行校验; **ExceptionTranslationFilter:**处理过滤器链中抛出的任何Acc
SpringSecurity-设计思想
陈海龙的格物之路
09-13 375
系统安全可分为身份认证和授权验证两个部分,spring security提供了这两种能力,本文讲述security设计思路。
Spring Security自定义登录原理及实现详解
09-07
在本文中,我们将深入探讨Spring Security自定义登录原理和实现,这对于理解和构建安全的Web应用程序至关重要。Spring Security是一个强大的安全框架,提供了丰富的功能来保护我们的应用程序,包括用户认证、授权...
SpringSecurity 2 权限基于数据库--完整DEMO(带数据库文件)
05-07
在开源的SpringSide上作权限控制的demo,附带数据库。分层清晰,设计合理,系统松散耦合。结合业界流行的安全框架精心设计开发。
Spring Security单项目权限设计过程解析
08-25
主要介绍了Spring Security单项目权限设计过程解析,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下
SpringSecurity(一):权限管理设计与实现(官文英解+源码调试+基本环境搭建)
左灯右行的爱情
06-18 1181
加油
springSecurity权限表设计
m0_63040701的博客
03-22 696
权限表设计和数据库创建
SpringSecurity(二)【整体架构】
Vinjcent
10-15 546
Spring Security 中,用户请求一个资源(通常是一个接口或者一个Java方法)需要的角色会被封装成一个 ConfigAttribute 对象,在 ConfigAttribute 中只有一个 getAttribute 方法,该方法返回一个 String 字符串,就是角色的名称。是分开的,无论使用什么样的认证方式。都不会影响授权,这是两个独立的存在,这种独立带来的好处之一,就是可以非常方便地整合一些外部的解决方案。在 Spring Security 的授权体系中,有两个关键接口。
Spring Security 架构【翻译】
weixin_32501529的博客
02-22 247
这篇指南是对Spring Security的一个入门简介,为我们提供了一个对框架底层设计的深入了解。 这里仅仅涵盖了该框架非常基础的的知识,尽管如此,本文也可以解决开发者在使用本框架的过程中的一些疑惑。 在这里,我们会看看在web应用程序中我们是如何使用filter以及更通用的方法注解两种途径将Spring Security框架应用到我们的项目中的。 当你希望从一个较高水平理解该安全框架是如...
Spring-Security设计原理
凌晨12点,说出你的知心话
05-27 123
SpringSecurity 设计原理 这是对整个Spring-Security框架的一个总体认识 对理解它的各组件功能、其工作流程和源码分析有很大帮助 以Filter为发起,使用FilterChainProxy统领整个安全处理框架。 在FilterChainProxy中根据请求路径,选择具体的securityFilterChain实现(即关于安全的filter实现),处理安全逻辑 每个security filter,作用不同。(需要关注这里filter的顺序) 有的则进行一些通常安全的
Spring Security自定义form登录流程与实现详解
本文将深入探讨Spring Security自定义登录原理及其实现过程,旨在帮助读者理解和实践在Spring Security框架中设计可扩展、灵活的表单登录功能。首先,让我们回顾一下Spring Security的核心概念和基础,它是一个强大...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值