创建Spring Boot 项目（3）

一、添加权限框架Spring Security

（1）添加相关依赖；

第一步、在项目pom.xml文件中添加依赖：

<dependency>
   <groupId>org.springframework.boot</groupId>
   <artifactId>spring-boot-starter-security</artifactId>
</dependency>

（2）简单模式测试；

第二步、简单模式测试，直接访问http://localhost:8080/

（3）添加配置测试；

第三步、添加配置测试，直接访问http://localhost:8080/：
（1）创建配置类：

package com.example.Shixun1.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .passwordEncoder(new MyPasswordEncoder())
                .withUser("admin")
                 .password(new MyPasswordEncoder().encode("123456"))
                 .roles("ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http.authorizeRequests()
               .antMatchers("/").permitAll()
                .anyRequest().authenticated()
                .and()
                .logout().permitAll()
                .and()
                .formLogin();
        http.csrf().disable();
    }
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/js/**", "/css/**", "/images/**");

    }
}

（2）添加接口方法：

package com.example.Shixun1.controller;

import com.example.Shixun1.entity.SysUser;
import com.example.Shixun1.service.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Date;
import java.util.List;

@RestController
public class SysUserController {


    @Autowired
    private SysUserService sysUserService;

    @GetMapping("/")
    public String index(){
        return "欢迎访问";
    }

    @GetMapping("/getUser")
public SysUser getUser(Long id){
        return sysUserService.getById(id);
    }
    @PostMapping("/addUser")
    public  String addUser(SysUser sysUser){
        sysUser.setCreateTime(new Date());
        return sysUserService.save(sysUser)? "保存成功":"保存失败";
    }
    @PutMapping("/updateUser")
    public String updateUser(SysUser sysUser){
        return  sysUserService.updateById(sysUser) ? "修改成功":"修改失败";
    }
    @GetMapping("/list")
    public List<SysUser> list(){
        return sysUserService.list();

    }

}

（4）添加内存账号测试；

（2）添加接口方法：

package com.example.Shixun1.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .passwordEncoder(new MyPasswordEncoder())
                .withUser("admin")
                 .password(new MyPasswordEncoder().encode("123456"))
                 .roles("ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http.authorizeRequests()
               .antMatchers("/").permitAll()
                .anyRequest().authenticated()
                .and()
                .logout().permitAll()
                .and()
                .formLogin();
        http.csrf().disable();
    }
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/js/**", "/css/**", "/images/**");

    }
}

（2）访问http://localhost:8080/getList ,输入账号ADMIN，密码123456：

（5）添加自定义密码编解码测试；

（1）创建自定义密码编解码类：

public class MyPasswordEncoder implements PasswordEncoder {

    final static String ENCODER_PWD = "123456";

    @Override
    public String encode(CharSequence rawPassword) {
        return rawPassword + ENCODER_PWD;
    }

    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        return encodedPassword.equals(rawPassword+ENCODER_PWD);
    }
}

（2）修改配置用户密码编解码方式：

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication().passwordEncoder(new
    MyPasswordEncoder()).withUser("admin").password(new
    MyPasswordEncoder().encode("123456")).roles("ADMIN");
}

（3）访问http://localhost:8080/getList ,输入账号admin，密码123456：