spring security 用户角色权限登录配置

最新推荐文章于 2023-06-08 10:12:21 发布
最新推荐文章于 2023-06-08 10:12:21 发布
阅读量511 收藏 2
点赞数
分类专栏: security 文章标签: spring boot java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_46453221/article/details/119864634
版权

Spring Boot 权限管理 角色-权限-用户 SecurityConfig RESTful API
关键词由CSDN通过智能技术生成

1.准备数据库表

在这里插入图片描述

/*
 Navicat Premium Data Transfer

 Source Server         : khm1
 Source Server Type    : MySQL
 Source Server Version : 50734
 Source Host           : localhost:3306
 Source Schema         : security

 Target Server Type    : MySQL
 Target Server Version : 50734
 File Encoding         : 65001

 Date: 23/08/2021 10:49:32
*/

SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;

-- ----------------------------
-- Table structure for permission
-- ----------------------------
DROP TABLE IF EXISTS `permission`;
CREATE TABLE `permission`  (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `pname` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 4 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of permission
-- ----------------------------
INSERT INTO `permission` VALUES (1, '/admin/**');
INSERT INTO `permission` VALUES (2, '/user/**');
INSERT INTO `permission` VALUES (3, '/dba/**');

-- ----------------------------
-- Table structure for role
-- ----------------------------
DROP TABLE IF EXISTS `role`;
CREATE TABLE `role`  (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `rname` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
  `rnameZh` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 4 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of role
-- ----------------------------
INSERT INTO `role` VALUES (1, 'ROLE_admin', '管理员');
INSERT INTO `role` VALUES (2, 'ROLE_user', '普通用户');
INSERT INTO `role` VALUES (3, 'ROLE_dba', '数据库管理员');

-- ----------------------------
-- Table structure for role_permission
-- ----------------------------
DROP TABLE IF EXISTS `role_permission`;
CREATE TABLE `role_permission`  (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `rid` int(11) NOT NULL,
  `pid` int(11) NOT NULL,
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 7 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of role_permission
-- ----------------------------
INSERT INTO `role_permission` VALUES (1, 1, 1);
INSERT INTO `role_permission` VALUES (2, 1, 2);
INSERT INTO `role_permission` VALUES (3, 2, 2);
INSERT INTO `role_permission` VALUES (4, 3, 2);
INSERT INTO `role_permission` VALUES (5, 3, 3);
INSERT INTO `role_permission` VALUES (6, 1, 3);

-- ----------------------------
-- Table structure for user
-- ----------------------------
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user`  (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
  `password` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
  `gender` tinyint(1) NOT NULL DEFAULT 1,
  `nonLocked` tinyint(1) NULL DEFAULT 1,
  `enabled` tinyint(1) NULL DEFAULT 1,
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 4 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of user
-- ----------------------------
INSERT INTO `user` VALUES (1, 'root', '$2a$10$Z7tAYN0UaT6y.Mg40Ir3QOyz78mp/7jjgaV3KRyuMxIMbodtADH8C', 0, 1, 1);
INSERT INTO `user` VALUES (2, 'admin', '$2a$10$Z7tAYN0UaT6y.Mg40Ir3QOyz78mp/7jjgaV3KRyuMxIMbodtADH8C', 1, 1, 1);
INSERT INTO `user` VALUES (3, 'user', '$2a$10$Z7tAYN0UaT6y.Mg40Ir3QOyz78mp/7jjgaV3KRyuMxIMbodtADH8C', 1, 1, 1);

-- ----------------------------
-- Table structure for user_role
-- ----------------------------
DROP TABLE IF EXISTS `user_role`;
CREATE TABLE `user_role`  (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `uid` int(11) NOT NULL,
  `rid` int(11) NOT NULL,
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 6 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of user_role
-- ----------------------------
INSERT INTO `user_role` VALUES (1, 1, 1);
INSERT INTO `user_role` VALUES (2, 1, 2);
INSERT INTO `user_role` VALUES (3, 2, 2);
INSERT INTO `user_role` VALUES (4, 3, 2);
INSERT INTO `user_role` VALUES (5, 1, 3);

SET FOREIGN_KEY_CHECKS = 1;

2.配置代码

1.application.properties

server.port=8080

spring.application.name=khm_security

spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/security?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&verifyServerCertificate=false&useSSL=false
spring.datasource.username=root
spring.datasource.password=root

logging.level.com.example.spring_security.mapper=debug
2.pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.5.4</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>org.khm</groupId>
    <artifactId>spring_security01</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>spring_security01</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>11</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>2.2.0</version>
        </dependency>

        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
        <resources>
            <resource>
                <directory>src/main/java</directory>
                <includes>
                    <include>**/*.xml</include>
                </includes>
            </resource>
            <resource>
                <directory>src/main/resources</directory>
            </resource>
        </resources>
    </build>

</project>

3.Java代码

1.SecurityConfig
package org.khm.config;

import org.khm.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    MyFilterInvocationSecurityMetadataSource myFilterInvocationSecurityMetadataSource;
    @Autowired
    MyAccessDecisionManager myAccessDecisionManager;

    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Autowired
    UserService userService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService);
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/index","/login");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
//                .antMatchers("/index").permitAll()
                .withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {

                    @Override
                    public <O extends FilterSecurityInterceptor> O postProcess(O o) {
                        o.setSecurityMetadataSource(myFilterInvocationSecurityMetadataSource);
                        o.setAccessDecisionManager(myAccessDecisionManager);
                        return o;
                    }
                })
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/doLogin")
                .successHandler((req, resp, authentication) -> {
                    String username = req.getParameter("username");
                    String password = req.getParameter("password");
                    System.out.println(authentication.getPrincipal());
                    System.out.println(username);
                    System.out.println(password);
                })
                .permitAll()
                .and()
                .csrf().disable();

    }
}
2.MyFilterInvocationSecurityMetadataSource.java
package org.khm.config;

import org.khm.model.Permission;
import org.khm.model.Role;
import org.khm.service.PermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

import java.util.Collection;
import java.util.List;

/**
 * 根据访问接口 返回角色信息
 */
@Component
public class MyFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {

//    @Autowired
//    AntPathMatcher antPathMatcher;
    @Autowired
    PermissionService permissionService;

    @Override
    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
        //获取请求接口
        FilterInvocation filterInvocation = (FilterInvocation) o;
        String requestUrl = filterInvocation.getRequestUrl();

        //查询所有接口和角色对应关系
        List<Permission> permissions = permissionService.getPermissionRoles();
        AntPathMatcher antPathMatcher = new AntPathMatcher();
        //找该接口对应角色
        for (Permission permission : permissions) {
            if (antPathMatcher.match(permission.getPname(), requestUrl)) {
                List<Role> roles = permission.getRoles();
                String[] arr = new String[roles.size()];
                for (int i = 0; i < arr.length; i++) {
                    arr[i]=roles.get(i).getRname();
                }
                return SecurityConfig.createList(arr);
            }
        }
        return SecurityConfig.createList("ROLE_login");
    }

    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }
}
3.MyAccessDecisionManager.java
package org.khm.config;

import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;

import java.util.Collection;

/**
 * 判断返回角色信息和用户角色信息
 */
@Component
public class MyAccessDecisionManager implements AccessDecisionManager {
    @Override
    public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
        for (ConfigAttribute configAttribute : collection) {
            String attribute = configAttribute.getAttribute();
            if ("ROLE_login".equals(attribute)) {
                //判断是否登录
                if (authentication instanceof AnonymousAuthenticationToken) {
                    throw new AccessDeniedException("用户未登录");
                }
                return;
            }

            //对比角色权限和接口权限
            Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
            for (GrantedAuthority authority : authorities) {
                if (authority.getAuthority().equals(attribute)) {
                    return;
                }
            }
        }
        throw new AccessDeniedException("权限不足");
    }

    @Override
    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }
}
4.PermissionService.java
package org.khm.service;

import org.khm.mapper.PermissionMapper;
import org.khm.model.Permission;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import java.util.List;

@Service
@Transactional
public class PermissionService {
    @Autowired
    PermissionMapper permissionMapper;
    public List<Permission> getPermissionRoles() {
        return permissionMapper.getPermissionRoles();
    }
}
5.UserService.java
package org.khm.service;

import org.khm.mapper.UserMapper;
import org.khm.model.Role;
import org.khm.model.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import java.util.List;

@Service
public class UserService implements UserDetailsService {
    @Autowired
    UserMapper userMapper;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userMapper.findUserByUserName(username);
        if (user == null) {
            throw new UsernameNotFoundException("没有此用户");
        }
        List<Role> roles = userMapper.findRoleByUserId(user.getId());
        user.setRoles(roles);
        return user;
    }
}
6.PermissionMapper
package org.khm.mapper;

import org.khm.model.Permission;

import java.util.List;

public interface PermissionMapper {
    //查询所有接口角色信息
    List<Permission> getPermissionRoles();
}


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">

<mapper namespace="org.khm.mapper.PermissionMapper">
    <resultMap id="BaseResultMap" type="org.khm.model.Permission">
        <id column="pid" property="id"></id>
        <result column="pname" property="pname"></result>
        <collection property="roles" ofType="org.khm.model.Role">
            <id column="rid" property="id"></id>
            <result column="rname" property="rname"></result>
            <result column="rnameZh" property="rnameZh"></result>
        </collection>
    </resultMap>
    <select id="getPermissionRoles" resultMap="BaseResultMap">
        select p.id as pid, pname, r.id as rid, rname, rnameZh
        from role r
                 join role_permission rp
                      on r.id = rp.rid
                 join permission p
                      on rp.pid = p.id
    </select>
</mapper>
7.UserMapper
package org.khm.mapper;

import org.khm.model.Role;
import org.khm.model.User;

import java.util.List;

public interface UserMapper {

    User findUserByUserName(String username);

    List<Role> findRoleByUserId(Integer id);
}


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">

<mapper namespace="org.khm.mapper.UserMapper">
    <select id="findUserByUserName" resultType="org.khm.model.User">
        select *
        from user
        where username = #{username}
    </select>

    <select id="findRoleByUserId" resultType="org.khm.model.Role">
        select *
        from role
        where id in (select rid from user_role where uid = #{id})
    </select>
</mapper>
8.Controller.java
package org.khm.controller;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class UserController {
    @RequestMapping("/home")
    public String hello() {
        return "HOME";
    }

    @RequestMapping("/index")
    public String index() {
        return "首页";
    }

    @RequestMapping("/login")
    public String login() {
        return "请登录";
    }

    @RequestMapping("/doLogin")
    public String loginUser() {
        return "你好";
    }

    @RequestMapping("/admin/hello")
    public String loginAdmin() {
        return "你好,管理员";
    }

    @RequestMapping("/user/hello")
    public String loginPerson() {
        return "你好,用户";
    }

    @RequestMapping("/dba/hello")
    public String loginDBA() {
        return "你好,DBA";
    }
}
康梓潼
关注
  • 0
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
spring security入门--基于角色实现用户登录访问
xiaoheihai666的博客
08-31 481
接上篇,我们搭建好了基本框架之后,怎么实现自定义用户角色登录不同的系统呢?一、首先创建一个自定义的配置类,继承WebSecurityConfigurerAdapter类。使用zhangsan账号登录 helloUser 方法成功。二、在controller类中编写不同角色登录的代码。三、运行启动类进行测试。...
springsecurity自定义角色权限授权
明平姚的博客
02-16 1195
springsecurity自定义角色权限授权
SpringSecurity(十一)--配置权限以及相关限制(下)
学习不止境的博客
10-24 1638
本章我们将承接上篇文章的项目为基础学习,所以没有搭建好项目的小伙伴请先去查看上一篇文章把项目理解并且搭建好,当然大家也可以用自己的方式进行搭建学习,不用啥都按部就班,尤其是编程这块儿,具有极大的灵活性,没准你的方法才是最适合的。但是对于后面的代码,我将以上篇搭建好的代码为架构基础进行展示。
7.SpringSecurity中的权限管理
飘然渡沧海的博客
03-06 722
7.SpringSecurity中的权限管理
springsecurity】基于角色权限控制 api路径配置 或者方法配置
qq_56132766的博客
06-08 463
springsecurity 基于角色权限控制 实现了路径和方法的不同精度
SpringSecurity动态加载用户角色权限实现登录及鉴权功能
08-25
Spring Security 动态加载用户角色权限实现登录及鉴权功能 在 Spring Security 中,动态加载用户角色权限是实现登录及鉴权功能的关键步骤。本文将详细介绍如何使用 Spring Security 实现动态加载用户角色权限,并...
SpringBoot + SpringSecurity + JPA 实现用户角色权限登录认证
09-10
在这个项目中,SpringSecurity被用来处理用户登录角色权限分配和防止非法请求。 3. **JPA**:Java Persistence API是Java平台上的ORM(对象关系映射)规范,它允许开发者以面向对象的方式操作数据库,将数据对象...
Spring security实现登陆和权限角色控制
09-09
通过以上步骤,你已经配置Spring Security来处理登录权限角色控制。当用户尝试访问受保护的资源时,Spring Security会自动重定向到登录页面。登录成功后,它会根据用户角色决定是否允许访问请求的资源。同时...
springsecurity轻松实现角色权限的示例代码
08-19
Spring Security中,我们可以使用角色权限来控制用户的访问权限。我们可以创建一个Role实体类,定义了角色名称和描述信息。 ```java @Entity public class Role { @Id @GeneratedValue(strategy = ...
springsecurity角色权限
12-13
Spring Security中,"角色"是赋予用户的标识,表示用户在系统中的职责或权限集合。例如,"管理员"、"用户"等。"权限"则更加具体,代表用户可以执行的操作,如"查看报告"、"编辑内容"等。角色通常包含一组权限,...
SpringSecurity详解
m0_71012114的博客
10-19 4991
本文详解介绍了security原理、多种方式配置登录角色权限访问控制、常用注解、用户注销。
springsecurity角色管理
健康平安的活着的专栏
09-11 669
一 查询角色权限 角色权限表:
2.Spring Security 用户角色权限 详解
热门推荐
妖怪的博客
08-26 1万+
本文主要介绍Spring Security使用数据库存储角色权限,并在此情况下进行登录操作,同时介绍了记住我操作
Spring Security 权限控制
m0_48922996的博客
07-16 8462
项目版本BootSecurity官网文档在前面的文章中,所有的接口只需要登录就能访问。并没有对每个接口进行权限限制。在正式的系统中,一个用户会拥有一个或者多个角色,而不同的角色会拥有不同的接口权限。如果要实现这些功能,需要重写中的。HttpSecurity用于构建一个安全过滤器链SecurityFilterChain,可以通过它来进行自定义安全访问策略。@Bean}@Override.and()}@Overridehttp.authorizeRequests()//开启配置。...
SpringSecurity的简单概述以及配置SpringSecurity的默认登录页面
weixin_46852039的博客
09-12 2972
SpringSecurity的简单概述 是什么:SpringSecurity融合Spring技术栈,提供JavaEE应 用的整体安全解决方案;提供全面的安全服务 有什么用:可以进行身份验证,就是证明你是谁;也可以进行授权,就是你可以做什么 配置SpringSecurity的默认登录页面 搭建SpringSecurity环境 创建maven项目后,添加security-pom依赖 <!-- springboot项目都要继承boot父工程--> <parent>
安全认证服务框架Spring SecuritySpring-Security.xml配置之构建加密对象登录及退出
u011918475的博客
11-01 2558
登录及退出 <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" xmln
使用Spring Security进行角色登录权限例子(带源码)
qq_37718197的博客
12-29 1859
原文网址: http://websystique.com/spring-security/spring-security-4-role-based-login-example/ 本文档将展示使用Spring Security进行角色登录。根据角色不同重定向不同url。 Spring Security提供SimpleUrlAuthenticationSuccessHandler(具有常用Suc
SpringSecurity3.2.5自定义角色权限的教程
叶落伤城的专栏
12-12 6183
最近阴差阳错的搞上了SpringSecurity3,因为是自己做的小系统,中间遇到了很多坑,基本每个坑都踩过了,网上也查了不少资料,发现有不少错误的,更是让我绕了一圈又一圈,现在把一些基本的东西总结一下。 先从整体上总结一下为什么使用SS,一般的,在不使用ss的情况下,我们基本会在每个业务方法执行前,插入一段用于验证权限的代码,从而判断当前用户是否有相应权限进行操作,这样做就会让业务方法和验证权
spring security 采用角色控制访问权限
码农鸡窝
09-12 6006
如下代码集成自spring security登陆验证方法 @Service public class LoginUserDetailsService implements UserDetailsService { @Override public UserDetails loadUserByUsername(String account) throws UsernameNotFound
springsecurity角色权限
最新发布
08-25
- *1* [SpringSecurity实现角色权限控制(SpringBoot+SpringSecurity+JWT)](https://blog.csdn.net/lans_g/article/details/130611332)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

康梓潼

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值