使用Spring Security实现自定义登录页面及相关配置、显示用户信息、退出功能
示例:
1.工程结构
1.1.它们三个可官网下载:
我的百度网盘:
链接:https://pan.baidu.com/s/17TzgQX0OVSef49aAawXf6w
提取码:0mqm
1.2.主启动类 CrowdManagerApplication.java:
2.Spring Security的依赖:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
3.CrowdConfig.java:
@Configuration
@EnableWebSecurity
public class CrowdConfig extends WebSecurityConfigurerAdapter {
//执行权限配置,如:为指定资源分配权限,开放无需权限的资源等
@Override
protected void configure(HttpSecurity http) throws Exception {
//父类中默认进行了配置,我们将其拿到子类,按照自己的需求进行修改
http
.authorizeRequests()//进行权限设置
.anyRequest()//任何请求
.authenticated()//进行认证
// 这是ant语法,表示向后退一步,回到HttpSecurity位置的那一个级别,
// 可以认为是使用这种方式实现HttpSecurity对象通过连续调用方法实现配置,
// 每进行一个板块的配置完毕,则向后退一步回到HttpSecurity位置
.and()
.formLogin()//设置表单登录,后续可以在这里修改自定义登录页面
.loginPage("/login.html") //设置自定义的登录页面
//指定处理登录请求的路径,对应form表单的action地址
.loginProcessingUrl("/login").permitAll()
//设置接收表单提交的用户name,默认为username
.usernameParameter("account")
//设置接收表单提交的用户密码,默认为password
.passwordParameter("password")
//指定权限认证失败跳转的错误页面
.failureUrl("/login.html?login=error")
//直接访问登录页面时返回的地址,如果访问的是登录页的话返回指定的地址
.defaultSuccessUrl("/main.html",true)
//指定退出登录URL
.and().logout().logoutUrl("/logout")
// .logoutSuccessUrl("http://baidu.com") 设置退出后跳转的路径
.and().csrf().disable() //禁用csrf功能,这里暂时用不到
;
}
//设置不需要权限认证的资源
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/kaptcha","/bootstrap/**","/css/**",
"/fonts/**","/img/**","/jquery/**","/script/**","/ztree/**","/layer/**");
}
}
自定义登录页面:
4.login.html:
注:部分代码省略
<div class="container">
<form class="form-signin" role="form" th:action="@{/login}" method="post">
<h2 class="form-signin-heading"><i class="glyphicon glyphicon-log-in"></i> 管理员登录</h2>
<div class="form-group has-success has-feedback">
<input name="account" type="text" class="form-control" id="account" placeholder="请输入登录账号" autofocus>
<span class="glyphicon glyphicon-user form-control-feedback"></span>
</div>
<div class="form-group has-success has-feedback">
<input name="password" type="password" class="form-control" id="password" placeholder="请输入登录密码"
style="margin-top:10px;">
<span class="glyphicon glyphicon-lock form-control-feedback"></span>
</div>
<div class="form-group has-success has-feedback">
<img src="/kaptcha">
<button id="refresh" class="btn btn-success"><i class="glyphicon glyphicon-refresh"></i></button>
<input name="code" type="text" class="form-control" id="code" placeholder="请输入验证码"
style="margin-top:10px;">
<span class="form-control-feedback"></span>
</div>
<div class="checkbox">
<label>
<input type="checkbox" name="remember-me"> 记住我
</label>
<br>
</div>
<input type="submit" value="登录" class="form-control btn-success">
</form>
<!--显示失败信息-->
<center>
<h5 th:if="${error != null}" th:text="${error}"></h5>
</center>
在页面中显示用户信息:
5.ManagerController.java:
//springsecurity,在页面中显示用户信息
@GetMapping("/main.html")
public String main(HttpSession session){
//获取用户信息,存放到session域中
SecurityContextImpl securityContextImpl =(SecurityContextImpl)session.getAttribute("SPRING_SECURITY_CONTEXT");
Authentication authentication = securityContextImpl.getAuthentication();
//将主体转为用户详情对象
UserDetails userDetails =(UserDetails)authentication.getPrincipal();
String username = userDetails.getUsername();
session.setAttribute("username",username);
return "main";
}
6.common.html模板中:
<div id="navbar" class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li style="padding-top:8px;">
<div class="btn-group">
<button type="button" class="btn btn-default btn-success dropdown-toggle" data-toggle="dropdown">
<i class="glyphicon glyphicon-user"></i>[[${session.username}]] <span class="caret"></span>
</button>
<ul class="dropdown-menu" role="menu">
<li><a href="#"><i class="glyphicon glyphicon-cog"></i> 个人设置</a></li>
<li><a href="#"><i class="glyphicon glyphicon-comment"></i> 消息</a></li>
<li class="divider"></li>
<li><a th:href="@{/logout.do}"><i class="glyphicon glyphicon-off"></i> 退出系统</a></li>
</ul>
</div>
</li>
<li style="margin-left:10px;padding-top:8px;">
<button type="button" class="btn btn-default btn-danger">
<span class="glyphicon glyphicon-question-sign"></span> 帮助
</button>
</li>
</ul>
<form class="navbar-form navbar-right">
<input type="text" class="form-control" placeholder="查询">
</form>
</div>
实现退出功能:
当点击退出时,应清除掉用户在session中的信息,并且跳转到非权限校验的页面,如:登录页面。
7.common.html模板中:
8.错误提示:ManagerController.java中
9.ManagerController.java控制层中:
没有过多的前端调试,只为实现其功能
@GetMapping("/login.html")
public String tologin(HttpServletRequest request,Model model){
//String cr = request.getParameter("codeerror");
// if(cr !=null){
// model.addAttribute("error","验证码输入错误!请重试");
// }
String lo = request.getParameter("login");
if(lo !=null){
model.addAttribute("error","帐号或密码错误,登录失败!请重试");
}
return "login";
}
9.login.html中:
10.application.yml配置文件中:
spring:
datasource:
driver-class-name: com.mysql.jdbc.Driver
url: jdbc:mysql://localhost:3306/kmu_crowd?characterEncoding=utf8
username: root
password: root
11.pom.xml文件中:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.kmu</groupId>
<artifactId>crowd-manager</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>crowd-manager</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<spring-boot.version>2.3.0.RELEASE</spring-boot.version>
</properties>
<dependencies>
<!-- https://mvnrepository.com/artifact/com.github.penggle/kaptcha -->
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
<version>2.3.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.3.7</version>
</dependency>
<!--mybatisPlus-->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.3.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
<version>5.1.38</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring-boot.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.8</source>
<target>1.8</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
<resources>
<resource>
<directory>src/main/java</directory>
<includes>
<include>**/*.xml</include>
</includes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
<excludes>
<exclude>**/*.woff</exclude>
<exclude>**/*.woff2</exclude>
<exclude>**/*.ttf</exclude>
</excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
<includes>
<include>**/*.woff</include>
<include>**/*.woff2</include>
<include>**/*.ttf</include>
</includes>
</resource>
</resources>
</build>
</project>
如有遗漏,敬请谅解