spring boot 下 spring security 自定义登录配置与form-login属性详解

最新推荐文章于 2023-12-08 17:16:04 发布

weixin_30851409

最新推荐文章于 2023-12-08 17:16:04 发布

阅读量543

点赞数

文章标签： java

原文链接：http://www.cnblogs.com/jichen/p/9540530.html

版权

package zhet.sprintBoot;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
* @author sdcuike
* @date 2018/1/28
* @since 2018/1/28
*/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomUserDetailsService userDetailsService;

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder( new PasswordEncoder() {
@Override
public String encode(CharSequence charSequence) {
return charSequence.toString();
}

@Override
public boolean matches(CharSequence charSequence, String s) {
return s.equals(charSequence.toString());
}
});
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// 设置登陆页
.formLogin()

// login22.html 在 static 文件夹下
.loginPage("/login22.html")

//自定义登录页的 action = "/login"
.loginProcessingUrl("/login") // 自定义的登录接口

// 设置登陆成功页
.defaultSuccessUrl("/home.html")
.failureUrl("/loginFaile.html").permitAll()
.and().authorizeRequests()
// .antMatchers("/login").permitAll()
.anyRequest().authenticated();

// 如果有允许匿名的url，填在下面
// .antMatchers().permitAll()

// 自定义登陆用户名和密码参数，默认为username和password
// .usernameParameter("username")
// .passwordParameter("password")
// .and()
// .logout().permitAll()

// 关闭CSRF跨域
http.csrf().disable();
}

@Override
public void configure(WebSecurity web) throws Exception {
// 设置拦截忽略文件夹，可以对静态资源放行
web.ignoring().antMatchers("/css/**", "/js/**");
}
}

转载于:https://www.cnblogs.com/jichen/p/9540530.html

weixin_30851409

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
spring boot 下 spring security 自定义登录配置与form-login属性详解

package zhet.sprintBoot;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotatio...
复制链接

扫一扫