2021-04-08

最新推荐文章于 2024-11-06 09:23:18 发布

竹酒

最新推荐文章于 2024-11-06 09:23:18 发布

阅读量61

点赞数

文章标签： spring

本文链接：https://blog.csdn.net/weixin_43814361/article/details/115499184

版权

springSecurity

Authentication:(认证)用户名和密码三种方式
方式一、spring配置文件中配置(此处是使用的.properties格式文件)

spring.application.name=securitydemo1
server.port=8111
spring.security.user.name=123
spring.security.user.password=123

方式二、配置类的方式如下(如使用，需要改包名和加载依赖)

package cn.gao.securitydemo1.cn.gao.security;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Description:
 * @author Administrator
 * 
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
      BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        String password = passwordEncoder.encode("123");
        auth.inMemoryAuthentication().withUser("user").password(password).roles("admin");
    }
    @Bean
    public PasswordEncoder getPasswordEncoder(){
       return new BCryptPasswordEncoder();
    }
}

方式三、使用查询数据库方式
配置类

package cn.gao.securitydemo1.cn.gao.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import sun.security.util.Password;

/**
 * Description:
 * @author Administrator
 *
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    private UserDetailsService userDetailsService;
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {    auth.userDetailsService(userDetailsService).passwordEncoder(getPasswordEncoder());
    }
    @Bean
    public PasswordEncoder getPasswordEncoder(){
       return new BCryptPasswordEncoder();
    }
}

自定义MyUserDetailsService 实现scurity的UserDetailsService

package cn.gao.securitydemo1.cn.gao.service;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import java.util.List;

/**
 * Description
 */
@Service("userDetailsService")
public class MyuserDetailsService implements UserDetailsService {
    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
        List<GrantedAuthority> authorities = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
        //此处的User需要我们自己的，但是这里为了演示使用了security里的User,后面注释就是使用了自定义的user实现类
        return new User("user",new BCryptPasswordEncoder().encode("123"),authorities);
        //return new MyUserDetails("user",new BCryptPasswordEncoder().encode("123"),authorities);
    }
}