Spring Securit学习笔记之整合Spring Boot
1. 创建Spring Boot项目,配置pom.xml
......
< properties>
< project.build.sourceEncoding> UTF-8</ project.build.sourceEncoding>
< maven.compiler.source> 1.7</ maven.compiler.source>
< maven.compiler.target> 1.7</ maven.compiler.target>
< thymeleaf.version> 3.0.2.RELEASE</ thymeleaf.version>
< thymeleaf-layout-dialect.version> 2.0.4</ thymeleaf-layout-dialect.version>
</ properties>
< parent>
< groupId> org.springframework.boot</ groupId>
< artifactId> spring-boot-starter-parent</ artifactId>
< version> 1.5.4.RELEASE</ version>
</ parent>
< dependencies>
< dependency>
< groupId> org.springframework.boot</ groupId>
< artifactId> spring-boot-starter-web</ artifactId>
</ dependency>
< dependency>
< groupId> org.springframework.boot</ groupId>
< artifactId> spring-boot-starter-thymeleaf</ artifactId>
</ dependency>
</ dependencies>
......
2. 编写 SpringBoot 启动类
package com. example;
import org. springframework. boot. SpringApplication;
import org. springframework. boot. autoconfigure. SpringBootApplication;
@SpringBootApplication
public class SpringSecuritySBApplication {
public static void main ( String[ ] args) {
SpringApplication. run ( SpringSecuritySBApplication. class , args) ;
}
}
3. 编写 SpringSecurityConfig 配置类
1. 导入Spring Security坐标
< dependency>
< groupId> org.springframework.security</ groupId>
< artifactId> spring-security-web</ artifactId>
< version> 4.2.3.RELEASE</ version>
</ dependency>
< dependency>
< groupId> org.springframework.security</ groupId>
< artifactId> spring-security-config</ artifactId>
< version> 4.2.3.RELEASE</ version>
</ dependency>
2. 整合 Spring Security - HttpBasic 权限实现
package com. example. config;
import org. springframework. context. annotation. Configuration;
import org. springframework. security. config. annotation. authentication. builders. AuthenticationManagerBuilder;
import org. springframework. security. config. annotation. web. builders. HttpSecurity;
import org. springframework. security. config. annotation. web. configuration. EnableWebSecurity;
import org. springframework. security. config. annotation. web. configuration. WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure ( HttpSecurity http) throws Exception {
http. authorizeRequests ( )
. antMatchers ( "/**" )
. fullyAuthenticated ( )
. and ( )
. httpBasic ( )
;
}
/ / 该方法的作用就是代替之前配置:< security: authentication- manager>
@Override
protected void configure ( AuthenticationManagerBuilder auth) throws Exception {
auth. inMemoryAuthentication ( ) . withUser ( "user" ) . password ( "123456" ) . authorities ( "PRODUCT_ADD" ) ;
}
}
3. 整合 Spring Security - FormLogin 权限实现
package com. example. config;
import org. springframework. context. annotation. Configuration;
import org. springframework. security. config. annotation. authentication. builders. AuthenticationManagerBuilder;
import org. springframework. security. config. annotation. web. builders. HttpSecurity;
import org. springframework. security. config. annotation. web. configuration. EnableWebSecurity;
import org. springframework. security. config. annotation. web. configuration. WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure ( HttpSecurity http) throws Exception {
http. authorizeRequests ( )
. antMatchers ( "/**" )
. fullyAuthenticated ( )
. and ( )
. formLogin ( )
;
}
/ / 该方法的作用就是代替之前配置:< security: authentication- manager>
@Override
protected void configure ( AuthenticationManagerBuilder auth) throws Exception {
auth. inMemoryAuthentication ( ) . withUser ( "user" ) . password ( "123456" ) . authorities ( "PRODUCT_ADD" ) ;
}
}
4. 编写Controller
MainController.javapackage com. example. controller;
import org. springframework. web. bind. annotation. RequestMapping;
public class MainController {
@RequestMapping ( "index" )
public String index ( ) {
return "index" ;
}
}
ProductController.javapackage com. example. controller;
import org. springframework. stereotype. Controller;
import org. springframework. web. bind. annotation. RequestMapping;
@Controller
@RequestMapping ( "product" )
public class ProductController {
@RequestMapping ( "add" )
public String add ( ) {
return "product/add" ;
}
@RequestMapping ( "update" )
public String update ( ) {
return "product/update" ;
}
@RequestMapping ( "delete" )
public String delete ( ) {
return "product/delete" ;
}
@RequestMapping ( "list" )
public String list ( ) {
return "product/list" ;
}
}
5. 编写页面