1、编写配置文件
- 在application配置文件中可以声明一个账号用于登录
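# Demo-only login for Spring Boot's auto-configured default user.
# The password below is stored in plain text and is trivially guessable; outside a
# local demo, supply it from the environment or a secret store instead of
# committing it to the configuration file.
spring.security.user.name=admin
spring.security.user.password=123456
# Roles are a plain comma-separated list. Quotes are not stripped in a .properties
# file, so writing "admin","customer" would make the quote characters part of the
# role names and role checks for admin/customer would not match.
spring.security.user.roles=admin,customer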
2、编写配置类
- 编写配置类需要继承WebSecurityConfigurerAdapter类,重写configure(AuthenticationManagerBuilder auth)方法(注意:WebSecurityConfigurerAdapter自Spring Security 5.7起已弃用,6.0中已移除,新版本改用基于Bean的配置方式)
/**
 * In-memory authentication setup written against the Spring Security 5.x
 * {@code WebSecurityConfigurerAdapter} API.
 *
 * <p>Registers a single user, {@code admin}, holding the roles {@code admin} and
 * {@code customer}. The account name and the password are literals in the source,
 * so this is a teaching example only: anyone who can read the code or the built
 * artifact knows the credentials.
 *
 * <p>NOTE(review): the original comment relies on {@code @EnableWebSecurity} itself
 * carrying {@code @Configuration}; confirm that for the Spring Security version in
 * use, and add {@code @Configuration} explicitly if it does not.
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Configures the authentication manager with one BCrypt-protected in-memory user.
     *
     * @param auth builder supplied by Spring Security
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // The same encoder hashes the stored password and later verifies logins.
        BCryptPasswordEncoder encoder = bCryptPasswordEncoder();
        String encodedPassword = encoder.encode("12345");

        auth.inMemoryAuthentication()        // users are kept in memory only
                .passwordEncoder(encoder)
                .withUser("admin")           // account name
                .password(encodedPassword)   // stored as a BCrypt hash, never as plain text
                .roles("admin", "customer"); // roles granted to the user
    }

    /**
     * Password encoder bean. Other encoder implementations exist; the original
     * author notes BCryptPasswordEncoder as the officially recommended choice.
     *
     * @return a BCrypt encoder with default settings
     */
    @Bean
    BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }
}
3、自定义实现类设置
- 编写实现类实现UserDetailsService接口,返回User对象(Security中自带的pojo)
- 显然,需要操作数据库时应使用这种自定义实现,可以在这里注入Dao层来查询数据库。
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
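/**
 * Demo {@link UserDetailsService} that knows exactly one hard-coded account,
 * {@code root}, with the roles {@code admin} and {@code customer}.
 *
 * <p>The account and its password are literals in the source, so this class is a
 * teaching example only. A real implementation would look the user up through an
 * injected DAO and return the password hash that was stored at registration time.
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    BCryptPasswordEncoder bCryptPasswordEncoder;

    /**
     * Loads the account that matches the requested login name.
     *
     * @param username login name submitted by the client
     * @return the details of the {@code root} account
     * @throws UsernameNotFoundException if {@code username} is not the known account
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // 1. Account name and password.
        String account = "root";
        // The result must depend on the requested name: the authentication provider
        // checks the submitted password against whatever this method returns, so
        // returning this account for every name would let any login name sign in
        // as root with root's password.
        if (!account.equals(username)) {
            throw new UsernameNotFoundException("User not found");
        }
        // Demo only: the hash is recomputed on every call. A stored hash should be
        // read from the data store instead of being re-encoded per request.
        String password = bCryptPasswordEncoder.encode("1234");

        // 2. Authorities. Role-based checks expect the "ROLE_" prefix on each role.
        List<GrantedAuthority> authorities = new ArrayList<>();
        authorities.add(new SimpleGrantedAuthority("ROLE_" + "admin"));
        authorities.add(new SimpleGrantedAuthority("ROLE_" + "customer"));

        return new User(account, password, authorities);
    }
}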
- 创建配置类,将实现类注入进去并且设置使用即可。
/**
 * Security configuration that delegates user lookup to an injected
 * {@link UserDetailsService} and verifies passwords with BCrypt. Written against
 * the Spring Security 5.x {@code WebSecurityConfigurerAdapter} API.
 *
 * <p>NOTE(review): the original comment relies on {@code @EnableWebSecurity} itself
 * carrying {@code @Configuration}; confirm that for the Spring Security version in use.
 *
 * <p>NOTE(review): this class injects the user-details service, while the service
 * shown on this page injects the encoder bean declared here. That looks like a
 * circular dependency and may fail at startup where circular references are
 * disallowed; confirm, and consider declaring the encoder bean in a separate
 * configuration class.
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Wires the custom user-details service and the BCrypt encoder into the
     * authentication manager.
     *
     * @param auth builder supplied by Spring Security
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // The encoder must be the same algorithm that produced the stored hashes.
        BCryptPasswordEncoder encoder = bCryptPasswordEncoder();
        auth.userDetailsService(userDetailsService)
                .passwordEncoder(encoder);
    }

    /**
     * Password encoder bean shared with any component that hashes passwords.
     *
     * @return a BCrypt encoder with default settings
     */
    @Bean
    BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }
}