1、引进依赖包
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf-spring5</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
2、编写index.html及其其他跳转页面,index.html必须放置于templates的根目录
1、index.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>Signin Template for Bootstrap</title>
</head>
<body>
<p th:text="'Welcome To ' + ${userName} ">Blank</p>
<hr>
<P><a th:href="@{/admin/toadmin}">去管理员界面</a></P>
<P><a th:href="@{/vister/tovister}">去用户界面</a></P>
</body>
</html>
2、visiter.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>Signin Template for Bootstrap</title>
</head>
<body>
<p>游客</P>
</body>
</html>
3、admin.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>Signin Template for Bootstrap</title>
</head>
<body>
<P>管理员</P>
</body>
</html>
3、controller控制器
1、SecurityController.java
package com.example.demo.controller;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class SecurityController {
@RequestMapping("/login")
public String toLogin(){
return "home";
}
@RequestMapping({"/index","/"})
public String login(String name, String password, Model model){
System.out.println(name);
System.out.println(password);
model.addAttribute("userName","springCurity");
return "index";
}
@RequestMapping("/admin/toadmin")
public String toAdmin(){
return "admin";
}
@RequestMapping("/vister/tovister")
public String tovister(){
return "visiter";
}
}
4、配置springsecurity
package com.example.demo.config;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/","/index").permitAll()
.antMatchers("/admin/**").hasRole("ADMIN")
.antMatchers("/vister/**").hasRole("VISTER")
.and()
.formLogin();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//模拟数据从数据库库取出
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("ly").password(new BCryptPasswordEncoder().encode("123")).roles("VISTER")
.and().withUser("admin").password(new BCryptPasswordEncoder().encode("123")).roles("ADMIN","VISTER");
}
}
5、测试
1、localhost:8080(主界面)
2、登录界面
localhost:8080/login