自定义认证类
创建UserDetailsServiceImpl.java 实现 UserDetailsService 接口
添加get set方法,重写loadUserByUsername方法
package com.zym.shop.service;
import java.util.ArrayList;
import java.util.List;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import com.kaola.pojo.TbSeller;
import com.kaola.sellergoods.service.SellerService;
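/**
 * Loads seller accounts for Spring Security form login.
 *
 * <p>The login name is passed to {@code SellerService.findOne} as the seller id. Only sellers
 * whose status is {@code "1"} may authenticate, and each accepted seller is granted the single
 * authority {@code ROLE_USER}.
 *
 * <p>NOTE(review): spring-security.xml on this page registers the bean class as
 * {@code com.zym.shop.service.UserDetailsServiceImpl}, while this class is declared as
 * {@code UserDetailServiceImpl}. The class name, file name and bean definition must agree;
 * confirm which spelling is intended.
 */
public class UserDetailServiceImpl implements UserDetailsService {

    /** The only status value with which a seller is allowed to log in. */
    private static final String LOGIN_ALLOWED_STATUS = "1";

    private SellerService sellerService;

    /**
     * Injects the seller lookup service (set through the XML bean definition).
     *
     * @param sellerService service used to look sellers up by id
     */
    public void setSellerService(SellerService sellerService) {
        this.sellerService = sellerService;
    }

    /**
     * Looks up the seller whose id equals the submitted login name.
     *
     * @param username login name submitted by the client, used as the seller id
     * @return the user details carrying the stored password hash and {@code ROLE_USER}
     * @throws UsernameNotFoundException if no seller exists for the id or its status is not
     *         {@code "1"}
     */
    @Override
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException {
        // Look the seller up by id; the login name doubles as the seller id.
        TbSeller seller = sellerService.findOne(username);

        // The UserDetailsService contract forbids returning null, so a missing or
        // not-yet-allowed account is reported with the declared exception instead.
        // Both cases share one message so the failure does not reveal which one applied.
        // The constant is the receiver of equals() so a null status is rejected, not an NPE.
        if (seller == null || !LOGIN_ALLOWED_STATUS.equals(seller.getStatus())) {
            throw new UsernameNotFoundException("No seller account is available for login");
        }

        List<GrantedAuthority> authorities = new ArrayList<>();
        authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
        // The stored value is expected to be a BCrypt hash; the configured password
        // encoder compares it with the submitted password.
        return new User(username, seller.getPassword(), authorities);
    }
}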
配置文件
spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<bean:beans xmlns="http://www.springframework.org/schema/security"
xmlns:bean="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:dubbo="http://code.alibabatech.com/schema/dubbo"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd http://code.alibabatech.com/schema/dubbo http://code.alibabatech.com/schema/dubbo/dubbo.xsd">
<!-- Resources served without any Spring Security filter chain: the login, registration and
login-error pages plus static assets. security="none" skips every security filter for these
paths, so no security headers or security context apply to them. -->
<!--<http pattern="/seller/*" security="none"></http>-->
<!--<http pattern="/login/name.do" security="none"></http>-->
<http pattern="/login.html" security="none"></http>
<http pattern="/register.html" security="none"></http>
<http pattern="/login_error.html" security="none"></http>
<http pattern="/css/**" security="none"></http>
<http pattern="/img/**" security="none"></http>
<http pattern="/js/**" security="none"></http>
<http pattern="/plugins/**" security="none"></http>
<!-- Protected resources -->
<http>
<!-- pattern="/**" covers every path not excluded above; access="hasRole('ROLE_USER')" requires the ROLE_USER authority (role names carry the ROLE_ prefix). -->
<intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>
<!-- login-page: address of the login page
default-target-url: page shown after a successful login
always-use-default-target="true": must be combined with default-target-url so that the
default target is always used
authentication-failure-url: page shown after a failed login
-->
<form-login login-page="/login.html"
default-target-url="/admin/index.html"
always-use-default-target="true"
authentication-failure-url="/login_error.html"
/>
<logout/>
<!-- Turns OFF Spring Security's CSRF protection (it does not turn off an attack): with this
setting state-changing requests are accepted without a CSRF token.
NOTE(review): prefer keeping CSRF protection enabled and sending the token from the pages and
AJAX calls; disable it only as a deliberate, documented decision. -->
<csrf disabled="true"/>
<!-- Sends X-Frame-Options: SAMEORIGIN, so pages may be framed only by pages of the same origin. -->
<headers>
<frame-options policy="SAMEORIGIN"/>
</headers>
<!-- Logout. NOTE(review): a <logout/> element already appears earlier in this <http> block; this second one looks redundant. -->
<logout/>
</http>
<!-- Authentication manager: the provider loads users through the userDetailService bean and
verifies passwords with the bcryptEncoder bean.
-->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailService">
<password-encoder ref="bcryptEncoder"></password-encoder>
</authentication-provider>
</authentication-manager>
<!-- Dubbo configuration: the remote SellerService used during login.
NOTE(review): the interface package below differs from the import shown in the Java listing on
this page (com.kaola.sellergoods.service.SellerService); confirm which one is correct.
NOTE(review): the registry address is hard-coded; login depends on the provider this registry
returns, so the registry should be reachable only from trusted hosts. -->
<dubbo:application name="shop-manager-web" />
<dubbo:registry address="zookeeper://192.168.100.101:2181"/>
<dubbo:reference id="sellerService"
interface="com.zym.sellersgood.service.SellerService" >
</dubbo:reference>
<!-- Instantiates the custom UserDetailsService and injects sellerService.
NOTE(review): the class attribute must match the Java class name exactly; the Java listing on
this page declares UserDetailServiceImpl (no "s" after "Detail"). -->
<bean:bean id="userDetailService"
class="com.zym.shop.service.UserDetailsServiceImpl">
<bean:property name="sellerService" ref="sellerService"></bean:property>
</bean:bean>
<!-- Password hashing: BCrypt encoder used to verify stored password hashes -->
<bean:bean id="bcryptEncoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
</bean:beans>
springmvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:dubbo="http://code.alibabatech.com/schema/dubbo" xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://code.alibabatech.com/schema/dubbo http://code.alibabatech.com/schema/dubbo/dubbo.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- Annotation-driven MVC with fastjson registered as the converter for application/json. -->
<mvc:annotation-driven>
<mvc:message-converters register-defaults="true">
<!-- NOTE(review): this converter also parses request bodies sent by clients (the page binds
@RequestBody TbSeller through it). The fastjson version is not shown on this page; keep the
library on a patched release and keep autoType support off (or enable safeMode). -->
<bean class="com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter">
<property name="supportedMediaTypes" value="application/json"/>
<property name="features">
<array>
<value>WriteMapNullValue</value>
<value>WriteDateUseDateFormat</value>
</array>
</property>
</bean>
</mvc:message-converters>
</mvc:annotation-driven>
<!-- Dubbo service references: only annotation scanning of the controller package is active here; the lines below are commented out. -->
<!--<dubbo:application name="shop-web" />-->
<!--<dubbo:registry address="zookeeper://192.168.100.101:2181"/>-->
<!--<dubbo:annotation package="com.zym.shop.controller" />-->
<!--<dubbo:reference timeout="4000" retries="0" interface="com.zym.sellersgood.service.BrandService" id="BrandService" registry="globalRegistry"/>-->
<dubbo:annotation package="com.zym.shop.controller" />
</beans>
使用Security
前端
需要post方法,action=login
<!-- Login form: submitted with POST to /login, the URL handled by Spring Security's form login.
NOTE(review): no input fields appear in this excerpt; Spring Security's form login reads the
request parameters named "username" and "password" by default.
NOTE(review): because the configuration on this page sets <csrf disabled="true"/>, this form
carries no CSRF token; if CSRF protection is enabled the token must be added as a hidden field.
NOTE(review): "document:formlogin.submit()" parses as a label followed by a lookup of the global
named formlogin; document.getElementById('formlogin').submit() states the intent directly. -->
<form class="sui-form" action="/login" method="post" id="formlogin">
<div class="logined">
<a class="sui-btn btn-block btn-xlarge btn-danger" onclick="document:formlogin.submit()"target="_blank">登 录</a>
</div>
</form>
显示用户名
js文件
indexController.js
// Index-page controller: publishes the signed-in user's login name on the scope.
app2.controller("indexController", function ($scope, $controller, loginService) {
    // Mix the shared baseController behaviour into this scope.
    $controller('baseController', {$scope: $scope});

    // Copy the loginName field of the service response to $scope.name.
    function showLoginName(payload) {
        $scope.name = payload.loginName;
    }

    // Ask the login service for the current user's name.
    $scope.getUserName = function () {
        loginService.getName().success(showLoginName);
    };
});
后端代码
loginController.java
package com.zym.shop.controller;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.HashMap;
import java.util.Map;
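/**
 * Exposes information about the currently authenticated user to the front end.
 */
@RestController
@RequestMapping("/login")
public class LoginController {

    /**
     * Returns the login name of the current user.
     *
     * <p>NOTE(review): {@code getAuthentication()} is dereferenced without a null check, so this
     * endpoint must stay behind the authenticated filter chain. The commented-out
     * {@code security="none"} rule for {@code /login/name.do} in spring-security.xml would
     * leave the security context unpopulated for this path.
     *
     * @return a single-entry map whose {@code loginName} key holds the name of the
     *         {@code Authentication} stored in the security context
     */
    @RequestMapping("/name")
    public Map<String, String> name() {
        // The name comes from the server-side security context, never from request data.
        String name = SecurityContextHolder.getContext().getAuthentication().getName();
        // Parameterized instead of the raw Map type so the entry types are checked.
        Map<String, String> map = new HashMap<>();
        map.put("loginName", name);
        return map;
    }
}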
密码加密(BCrypt 加密算法)
用户表的密码通常使用 MD5 等不可逆的哈希(散列)算法处理后存储。为防止彩虹表破解,还会先用一个特定的字符串(如域名)与密码混合后计算,然后再加入一个随机的 salt(盐值)计算。特定字符串是在程序代码中固定的;salt 则是每个密码单独随机生成,一般要在用户表中加一个字段单独存储,比较麻烦。需要注意,MD5 这类快速哈希即使加盐也容易被暴力破解,不适合用来存储密码;BCrypt 是专为密码存储设计的慢哈希算法,计算强度可以调节。BCrypt 算法随机生成 salt 并将其混入最终的密码哈希中,验证时无需单独提供之前的 salt,因此不必单独处理 salt 问题。
后端代码
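/**
 * Adds a new seller.
 * @param seller the seller to add, bound from the JSON request body
 * @return a Result reporting whether the seller was added
 */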
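@RequestMapping("/add")
public Result add(@RequestBody TbSeller seller){
    // Registers a seller: the submitted password is replaced by its BCrypt hash before the
    // seller is handed to sellerService.add, so the plain password is never stored.
    //
    // NOTE(review): every TbSeller field is bound from the request body, so client-supplied
    // values (for example status, which the login check reads) reach sellerService.add unless
    // that service overwrites them. Confirm that it does.

    // Reject a missing or empty password up front: otherwise the encoder either fails outside
    // the try block or produces a valid hash of the empty string.
    if (seller == null || seller.getPassword() == null || seller.getPassword().isEmpty()) {
        return new Result(false, "增加失败");
    }
    try {
        // BCrypt generates a random salt per call and embeds it in the resulting hash.
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        seller.setPassword(passwordEncoder.encode(seller.getPassword()));
        sellerService.add(seller);
        return new Result(true, "增加成功");
    } catch (Exception e) {
        // Best-effort reporting: the caller only learns that the add failed.
        e.printStackTrace();
        return new Result(false, "增加失败");
    }
}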