1.环境搭建:JDK1.8+IDEA+Mybatis
2.导入依赖:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/org.mybatis.spring.boot/mybatis-spring-boot-starter -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.22</version>
</dependency>
3.连接数据库(采用Mybatis框架)
3.1 编写UserDao接口
package com.example.demo.dao;
import com.example.demo.pojo.person;
import org.apache.ibatis.annotations.Mapper;
import org.springframework.stereotype.Repository;
@Repository
@Mapper
public interface UserDao {
public person showUser(String username);
}
3.2 编写mapper.xml文件
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.example.demo.dao.UserDao">
<select id="showUser" resultType="person">
select * from t_user WHERE username=#{username}
</select>
</mapper>
3.3编写.yml文件+实现映射
spring:
datasource:
username: root
password: 123456
url: jdbc:mysql://localhost:3306/book
driver-class-name: com.mysql.cj.jdbc.Driver
mybatis:
type-aliases-package: com.example.demo.pojo
mapper-locations: classpath:mapper/*.xml
3.4编写person类
package com.example.demo.pojo;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@AllArgsConstructor
@NoArgsConstructor
public class person {
String username;
String password;
String auth;
}
4.导入静态资源(web静态资源)
4.1采用thymeleaf模板引擎技术加载
4.2由于安全框架有内置的登录页,此处不在使用index.html
5.编写SecurityConfig类
package com.example.demo.config;
import com.example.demo.service.MyUserDetails;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired//注入service层配置
private MyUserDetails userService;
@Override//请求
protected void configure(HttpSecurity http) throws Exception {
System.out.println ("这里执行了请求授权" );
http.authorizeRequests().antMatchers ( "/index" ).permitAll ();
http.authorizeRequests ().antMatchers ( "/main" ).hasAuthority ( "vip1" );
http.authorizeRequests ().antMatchers ( "/list" ).hasAuthority ( "vip2" );
http.formLogin ();
http.rememberMe ();
http.logout ();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
System.out.println ("这里请求了安全认证" );
//用数据库验证用户
auth.userDetailsService ( userService ).passwordEncoder ( password() );
}
@Bean
public PasswordEncoder password(){
//密码加密
return new BCryptPasswordEncoder ( );
}
}
此处实现数据库授权有两种方式:
1.hasrole方式(不推荐):
2.hasAuthority方法(可以与数据库结合)
两者一起使用
6.编写MyUserDetails类(具体源码请看此篇文章)
package com.example.demo.service;
import com.example.demo.dao.UserDao;
import com.example.demo.pojo.person;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.List;
@Service("userService")
public class MyUserDetails implements UserDetailsService {
@Autowired
public UserDao userdao;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
person person = userdao.showUser ( username );
System.out.println ( person );
if (person == null) {
System.out.println ( "不存在该用户" );
}
List<GrantedAuthority> auths= AuthorityUtils.commaSeparatedStringToAuthorityList (person.getAuth () );
return new User(person.getUsername (),new BCryptPasswordEncoder ().encode (person.getPassword ()),auths );
}}
运行结果:
进去之后根据系统认证之后,不同的用户根据不同的权限进入不同的界面。。。