Spring Security 是针对Spring项目的安全框架,也是Spring Boot底层安全模
块默认的技术选型,他可以实现强大的Web安全控制,对于安全控制,我们仅需要
引入 spring-boot-starter-security 模块,进行少量的配置,即可实现强大的
安全管理!
使用步骤:
1:加入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
2:编写配置类
package com.dongmu.config;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
/*链式编程*/
/*授权*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/").permitAll()
.antMatchers("/level1/**").hasRole("vip1")
.antMatchers("/level2/**").hasRole("vip2")
.antMatchers("/level3/**").hasRole("vip3");
http.formLogin().loginPage("/toLogin");
http.csrf().disable();
http.logout().logoutSuccessUrl("/toLogin");
http.rememberMe().rememberMeParameter("remember");
}
/*认证*/
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("dongmu").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1","vip2")
.and()
.withUser("root").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1","vip2","vip3")
.and()
.withUser("guest").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1");
}
}
更多详情:https://blog.csdn.net/Sgxlebron/article/details/122757103
扫一扫
1511
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
