SpringBoot +SpringSecurity+mysql 实现用户数据权限管理

最新推荐文章于 2024-05-10 16:54:55 发布
最新推荐文章于 2024-05-10 16:54:55 发布
阅读量4.3k 收藏 9
点赞数 4
分类专栏: springsecurity 微服务springboot
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/zhouzhiwengang/article/details/95983925
版权

通用用户数据权限sql建库 和初始化脚本:

/*
 Navicat MySQL Data Transfer

 Source Server         : 192.168.1.73
 Source Server Type    : MySQL
 Source Server Version : 80015
 Source Host           : 192.168.1.73:3306
 Source Schema         : boot-security

 Target Server Type    : MySQL
 Target Server Version : 80015
 File Encoding         : 65001

 Date: 15/07/2019 16:40:44
*/

SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;

-- ----------------------------
-- Table structure for u_permission
-- ----------------------------
DROP TABLE IF EXISTS `u_permission`;
CREATE TABLE `u_permission`  (
  `id` bigint(20) NOT NULL AUTO_INCREMENT,
  `url` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT 'url地址',
  `name` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT 'url描述',
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 21 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of u_permission
-- ----------------------------
INSERT INTO `u_permission` VALUES (1, 'userInfo/userList', '用户管理');
INSERT INTO `u_permission` VALUES (2, 'userInfo/userAdd', '用户添加');
INSERT INTO `u_permission` VALUES (3, 'userInfo/userDel', '用户删除');

-- ----------------------------
-- Table structure for u_role
-- ----------------------------
DROP TABLE IF EXISTS `u_role`;
CREATE TABLE `u_role`  (
  `id` bigint(20) NOT NULL AUTO_INCREMENT,
  `name` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT '角色名称',
  `type` varchar(10) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT '角色类型',
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 5 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of u_role
-- ----------------------------
INSERT INTO `u_role` VALUES (1, 'admin', '1');
INSERT INTO `u_role` VALUES (2, 'user', '2');

-- ----------------------------
-- Table structure for u_role_permission
-- ----------------------------
DROP TABLE IF EXISTS `u_role_permission`;
CREATE TABLE `u_role_permission`  (
  `rid` bigint(20) NULL DEFAULT NULL COMMENT '角色ID',
  `pid` bigint(20) NULL DEFAULT NULL COMMENT '权限ID',
  `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '主键',
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 7 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of u_role_permission
-- ----------------------------
INSERT INTO `u_role_permission` VALUES (1, 1, 1);
INSERT INTO `u_role_permission` VALUES (1, 2, 2);
INSERT INTO `u_role_permission` VALUES (1, 3, 3);
INSERT INTO `u_role_permission` VALUES (2, 1, 4);
INSERT INTO `u_role_permission` VALUES (2, 2, 5);
INSERT INTO `u_role_permission` VALUES (2, 3, 6);

-- ----------------------------
-- Table structure for u_user
-- ----------------------------
DROP TABLE IF EXISTS `u_user`;
CREATE TABLE `u_user`  (
  `id` bigint(20) NOT NULL AUTO_INCREMENT,
  `nickname` varchar(20) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT '用户昵称',
  `email` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT '邮箱|登录帐号',
  `pswd` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL COMMENT '密码',
  `create_time` datetime(0) NULL DEFAULT NULL COMMENT '创建时间',
  `last_login_time` datetime(0) NULL DEFAULT NULL COMMENT '最后登录时间',
  `status` bigint(1) NULL DEFAULT 1 COMMENT '1:有效,0:禁止登录',
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 15 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of u_user
-- ----------------------------
INSERT INTO `u_user` VALUES (1, 'admin', 'admin@163.com', 'C4CA4238A0B923820DCC509A6F75849B', '2019-04-27 22:44:44', NULL, 1);

-- ----------------------------
-- Table structure for u_user_role
-- ----------------------------
DROP TABLE IF EXISTS `u_user_role`;
CREATE TABLE `u_user_role`  (
  `uid` bigint(20) NULL DEFAULT NULL COMMENT '用户ID',
  `rid` bigint(20) NULL DEFAULT NULL COMMENT '角色ID',
  `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '主键',
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of u_user_role
-- ----------------------------
INSERT INTO `u_user_role` VALUES (1, 2, 1);

SET FOREIGN_KEY_CHECKS = 1;

项目截图:

1、springsecurity 配置类:SecurityConfiguration

只要使用spring security都要有这样一个配置类(如果是类配置的话),继承WebSecurityConfigurerAdapter 主要实现两个方法configure(AuthenticationManagerBuilder auth)和 configure(HttpSecurity http)

AuthenticationManagerBuilder: 主要配置身份认证来源,也就是用户及其角色。

HttpSecurity 主要配置路径:也就是资源的访问权限(是否需要认证,需要什么角色等)。

自定义securityConfiguration:SpringSecurityConfig

package com.zzg.security.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import com.zzg.security.provider.SpringSecurityProvider;

/**
 * spring-security 配置文件
 * @author zzg
 *
 */

@Configuration
@EnableWebSecurity //开启Spring Security的功能
@EnableGlobalMethodSecurity(prePostEnabled=true)//开启注解控制权限
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
	
	 /**
     * עSpringSecurityProvider
     */
    @Autowired
    private SpringSecurityProvider provider;
    
    /**
     *AuthenticationSuccessHandler
     */
    @Autowired
    private AuthenticationSuccessHandler securityAuthenticationSuccessHandler;
    /**
     *  AuthenticationFailureHandler
     */
    @Autowired
    private AuthenticationFailureHandler securityAuthenticationFailHandler;

    /**
	 * 定义需要过滤的静态资源(等价于HttpSecurity的permitAll)
	 */
	@Override
	public void configure(WebSecurity webSecurity) throws Exception {
		webSecurity.ignoring().antMatchers("static/css/**");
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		// TODO Auto-generated method stub
		http.authorizeRequests()
        .antMatchers("/login").permitAll() // 不需要权限路径
        .anyRequest().authenticated()      
        .and()
        .formLogin()
        .loginPage("/login")    // 登入页面
        .successHandler(securityAuthenticationSuccessHandler)  //自定义成功处理器
        .failureHandler(securityAuthenticationFailHandler)     //自定义失败处理器
        .permitAll()
        .and()
        .logout();
		
	}



	@Override
	protected void configure(AuthenticationManagerBuilder builder) throws Exception {
		// 自定义身份验证提供者
		builder.authenticationProvider(provider);
	}
	
	
	

}

2、springsecurity 认证接口:AuthenticationProvider

spring security实现自定义认证,需要实现AuthenticationProvider接口:主要实现方法authenticate(Authentication authentication)

自定义AuthenticationProvider:SpringSecurityProvider

package com.zzg.security.provider;

import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import com.zzg.security.userservice.AuthUserDetails;
import com.zzg.security.userservice.CustomUserService;

/**
 *自定义身份验证提供者
 * 
 * @author zzg
 *
 */
@Component
public class SpringSecurityProvider implements AuthenticationProvider {

	@Autowired
	private CustomUserService userDetailService;

	@Override
	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
		// TODO Auto-generated method stub
		String userName = authentication.getName();
		String password = (String) authentication.getCredentials();

	    // 查询用户权限信息
		AuthUserDetails userInfo = (AuthUserDetails) userDetailService.loadUserByUsername(userName); 
		if (userInfo == null) {
			throw new UsernameNotFoundException("");
		}

		// 密码判断
		String encodePwd = DigestUtils.md5Hex(password).toUpperCase();
		if (!userInfo.getPassword().equals(encodePwd)) {
			throw new BadCredentialsException("");
		}

		return new UsernamePasswordAuthenticationToken(userInfo, userInfo.getPassword(),
				userInfo.getAuthorities());
	}

	@Override
	public boolean supports(Class<?> authentication) {
		// TODO Auto-generated method stub
		return UsernamePasswordAuthenticationToken.class.equals(authentication);
	}

}

2、springsecurity 用户详情信息接口:UserDetailsService

spring security实现自定义用户详情信息,需要实现UserDetailsService接口:主要实现方法loadUserByUsername(String username)

自定义UserDetailsService:CustomUserService

package com.zzg.security.userservice;

import java.util.List;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

import com.zzg.entity.Permission;
import com.zzg.entity.Role;
import com.zzg.entity.RolePermission;
import com.zzg.entity.User;
import com.zzg.entity.UserRole;
import com.zzg.service.PermissionService;
import com.zzg.service.RolePermissionService;
import com.zzg.service.RoleService;
import com.zzg.service.UserRoleService;
import com.zzg.service.UserService;
/**
 * 自定义用户查询服务
 * @author zzg
 *
 */

@Component
public class CustomUserService implements UserDetailsService {
	@Autowired
	private UserService userService;
	@Autowired
	private UserRoleService userRoleService;
	@Autowired
	private RoleService roleService;
	@Autowired
	private RolePermissionService rolePermissionService;
	@Autowired
	private PermissionService permissionService;
	

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		// TODO Auto-generated method stub
		User user = userService.findByUserName(username);
		if(user == null){
			 throw new UsernameNotFoundException("");
		}
		List<UserRole> list = userRoleService.findByUid(user.getId());
		List<Long> rIds = list.stream().map(UserRole::getRid).collect(Collectors.toList());
		
		List<Role> roles = roleService.findByIds(rIds);
		List<Long> roleIds = roles.stream().map(Role::getId).collect(Collectors.toList());
		
		List<RolePermission> rolePermissions = rolePermissionService.findByRids(roleIds);
		List<Long> pIds = rolePermissions.stream().map(RolePermission::getPid).collect(Collectors.toList());
		
		List<Permission> permissions = permissionService.findByIds(pIds);
		
		AuthUserDetails authUserDetails = new AuthUserDetails(user.getNickname(),user.getPswd(),roles,permissions);
		
		return authUserDetails;
	}

}

3、springsecurity 用户信息拓展:UserDetails

spring security 拓展用户信息,继承UserDetails类,主要方法:Collection<? extends GrantedAuthority> getAuthorities() 构建用户权限信息。

自定义UserDetails:AuthUserDetails

package com.zzg.security.userservice;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import com.zzg.entity.Permission;
import com.zzg.entity.Role;

@SuppressWarnings("serial")
public class AuthUserDetails implements UserDetails {
	
	private String nickname;

    private String pswd;
    
   
    private List<Role> roles;
  
    private List<Permission> permission;
    
  
	public String getNickname() {
		return nickname;
	}

	public void setNickname(String nickname) {
		this.nickname = nickname;
	}

	public String getPswd() {
		return pswd;
	}

	public void setPswd(String pswd) {
		this.pswd = pswd;
	}

	public List<Role> getRoles() {
		return roles;
	}

	public void setRoles(List<Role> roles) {
		this.roles = roles;
	}

	public List<Permission> getPermission() {
		return permission;
	}

	public void setPermission(List<Permission> permission) {
		this.permission = permission;
	}
	
	
	public AuthUserDetails(String nickname, String pswd, List<Role> roles, List<Permission> permission) {
		super();
		this.nickname = nickname;
		this.pswd = pswd;
		this.roles = roles;
		this.permission = permission;
	}
	
	public AuthUserDetails(){
		this.nickname = "NA";
		this.pswd = "NA";
		this.roles = Collections.EMPTY_LIST;
		this.permission = Collections.EMPTY_LIST;
	}

	@Override
	public Collection<? extends GrantedAuthority> getAuthorities() {
		// 基于用户角色名称构建权限信息
		 List<GrantedAuthority> auths = new ArrayList<>();
		 List<Role> roles = this.getRoles();
		 for (Role role : roles) {
	            auths.add(new SimpleGrantedAuthority(role.getName()));
	        }
		 
		return auths;
	}

	/**
	 *
	 */
	@Override
	public String getPassword() {
		// TODO Auto-generated method stub
		return this.pswd;
	}

	/**
	 * 
	 */
	@Override
	public String getUsername() {
		// TODO Auto-generated method stub
		return this.nickname;
	}
 
	/**
	 * 
	 */
	@Override
	public boolean isAccountNonExpired() {
		// TODO Auto-generated method stub
		return true;
	}

	/**
	 * 
	 */
	@Override
	public boolean isAccountNonLocked() {
		// TODO Auto-generated method stub
		return true;
	}

	/**
	 * 
	 */
	@Override
	public boolean isCredentialsNonExpired() {
		// TODO Auto-generated method stub
		return true;
	}

	/**
	 * 
	 */
	@Override
	public boolean isEnabled() {
		// TODO Auto-generated method stub
		return true;
	}

}

4、自定义springsecurity 登入成功处理的Handler:一般需要实现AuthenticationSuccessHandler 接口,覆写onAuthenticationSuccess(HttpServletRequest request,HttpServletResponse response, Authentication authentication) throws IOException, ServletException 方法

自定义AuthenticationSuccessHandler:SecurityAuthenticationSuccessHandler

package com.zzg.security.handler;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import com.zzg.redis.util.RedisUtil;

/**
 * 用户登入成功
 * @author zzg
 *
 */
@Component("securityAuthenticationSuccessHandler")
public class SecurityAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
	@Autowired
	private RedisUtil redisUtil;

	@Override
	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
			Authentication authentication) throws ServletException, IOException {
		// 用户登入成功,补充相关业务逻辑
         new DefaultRedirectStrategy().sendRedirect(request, response, "/defaults");
	}

	
}

5、自定义springsecurity 登入失败处理的Handler:一般需要实现AuthenticationFailureHandler接口,覆写onAuthenticationFailure(HttpServletRequest request,HttpServletResponse response, AuthenticationException exception)
throws IOException, ServletException 方法

package com.zzg.security.handler;

import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;

/**
 * 用户登入失败
 * @author zzg
 *
 */
@Component("securityAuthenticationFailHandler")
public class SecurityAuthenticationFailHandler extends SimpleUrlAuthenticationFailureHandler {
	
	@Override
	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
			AuthenticationException exception) throws IOException, ServletException {
        String redirectUrl = "/login?message=" + URLEncoder.encode(exception.getMessage(),"UTF-8");
        new DefaultRedirectStrategy().sendRedirect(request, response, redirectUrl);
	}
    
    
}

6、自定义权限不足处理器,实现AccessDeniedHandler接口,覆写handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) 方法

package com.zzg.security.access.denied;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import com.zzg.security.util.HttpUtils;
/**
 * 自定义权限不足处理器
 * @author zzg
 *
 */
@Component
public class SpringSecurityAccessDeniedHandler implements AccessDeniedHandler {

	@Override
	public void handle(HttpServletRequest request, HttpServletResponse response,
			AccessDeniedException accessDeniedException) throws IOException, ServletException {
		// TODO Auto-generated method stub
		boolean isAjax = HttpUtils.isAjaxRequest(request);
		if(isAjax){
			// 前端提示授权信息不足
			response.setContentType("text/html;charset=UTF-8");
			PrintWriter out = response.getWriter();
			out.println("权限不足");
			
		} else {
			// 后端直接跳转至权限的错误页面
			new DefaultRedirectStrategy().sendRedirect(request, response, "/errors");
		}
		
	}
	

}

至此已经完成基于数据库存储的Spring Security权限控制的核心配置。

以下的代码主要是controller、springmvc 配置和工具类代码代码:

Http 工具类:

package com.zzg.security.util;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;

import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;

import org.springframework.http.HttpHeaders;

public class HttpUtils {
	/**
	 * 获取请求Body
	 *
	 * @param request
	 * @return
	 */
	public static String getBodyString(ServletRequest request) {
		StringBuilder sb = new StringBuilder();
		InputStream inputStream = null;
		BufferedReader reader = null;
		try {
			inputStream = request.getInputStream();
			reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8")));
			String line = "";
			while ((line = reader.readLine()) != null) {
				sb.append(line);
			}
		} catch (IOException e) {
			e.printStackTrace();
		} finally {
			if (inputStream != null) {
				try {
					inputStream.close();
				} catch (IOException e) {
					e.printStackTrace();
				}
			}
			if (reader != null) {
				try {
					reader.close();
				} catch (IOException e) {
					e.printStackTrace();
				}
			}
		}
		return sb.toString();
	}

	/**
	 * 从request获取登录的IP
	 */
	public static String getIpAddress(HttpServletRequest request) {
		String ip = request.getHeader("x-forwarded-for");
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("Proxy-Client-IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("WL-Proxy-Client-IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("HTTP_CLIENT_IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("HTTP_X_FORWARDED_FOR");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("X-Real-IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getRemoteAddr();
		}
		return ip;
	}

	/**
	 * 判断是否为ajax请求
	 */
	public static boolean isAjaxRequest(HttpServletRequest request) {
		if (request.getHeader(HttpHeaders.ACCEPT) != null
				&& request.getHeader(HttpHeaders.ACCEPT).indexOf("application/json") > -1
				|| (request.getHeader("X-Requested-With") != null
						&& request.getHeader("X-Requested-With").equalsIgnoreCase("XMLHttpRequest"))) {
			return true;
		}
		return false;
	}
}

springMVC 配置:

package com.zzg.springmvc.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * 访问路径配置类 可以理解成做简单访问过滤的,转发到相应的视图页面
 * 
 * @author Veiking
 */
@Configuration
public class SpringMvcConfig implements WebMvcConfigurer {

	@Override
	public void addViewControllers(ViewControllerRegistry registry) {
		// TODO Auto-generated method stub
		registry.addViewController("/login").setViewName("login.html");
		registry.addViewController("/").setViewName("index.html");
		registry.addViewController("/index").setViewName("index.html");
	}

	@Override
	public void addResourceHandlers(ResourceHandlerRegistry registry) {
		// TODO Auto-generated method stub
		registry.addResourceHandler("/**").addResourceLocations("classpath:/static/**");
	}
	
	

}

package com.zzg.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class LoginController {
	
	/**
	 * 鉴权用户是否拥有指定权限
	 * @param model
	 * @param tt
	 * @return
	 */
	@RequestMapping("/admin")
	@PreAuthorize("hasAuthority('admin')")
	public String admin(Model model, String tt) {
		return "admin";
	}
	
	@RequestMapping("/hello")
	public String hello(Model model, String tt) {
		return "hello";
	}
	/**
	 * 登入成功跳转页面
	 * @param model
	 * @param tt
	 * @return
	 */
	@RequestMapping("/defaults")
	public String defaults(Model model, String tt) {
		return "defaults";
	}
	
	/**
	 * 权限不足跳转页面
	 * @param model
	 * @param tt
	 * @return
	 */
	@RequestMapping("/errors")
	public String errors(Model model, String tt) {
		return "errors";
	}
	
	
	

}

静态页面:

admin.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:th="http://www.thymeleaf.org"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<title>ADMIN</title>
<link rel="stylesheet" th:href="@{static/css/bootstrap.min.css}"/>
<style type="text/css">
body { padding: 40px; }
</style>
</head>
<body>
	<h1>ADMIN</h1>
	<br/>你好:<a sec:authentication="name"></a>
	<p>
		<a th:href="@{/index}"> INDEX</a>
		<a th:href="@{/admin}"> | ADMIN</a>
		<a th:href="@{/hello}"> | HELLO</a>
		<br/><hr/>
        <form th:action="@{/logout}" method="post">
            <input type="submit" class="btn btn-primary" value="注销"/>
        </form>
	</p>
</body>
</html>

defaults.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:th="http://www.thymeleaf.org"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<title>成功默认登入页面</title>
<link rel="stylesheet" th:href="@{static/css/bootstrap.min.css}"/>
<style type="text/css">
body { padding: 40px; }
</style>
</head>
<body>
	<h1>成功默认登入页面</h1>
	<br/>成功默认登入页面:<a sec:authentication="name"></a>
	<p>
		<a th:href="@{/index}"> INDEX</a>
		<a th:href="@{/admin}"> | ADMIN</a>
		<a th:href="@{/hello}"> | HELLO</a>
		<br/><hr/>
        <form th:action="@{/logout}" method="post">
            <input type="submit" class="btn btn-primary" value="注销"/>
        </form>
	</p>
</body>
</html>

error.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:th="http://www.thymeleaf.org"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<title>方法权限不足提示页面</title>
<link rel="stylesheet" th:href="@{static/css/bootstrap.min.css}"/>
<style type="text/css">
body { padding: 40px; }
</style>
</head>
<body>
	<h1>方法权限不足提示页面</h1>
	<br/>方法权限不足提示页面:<a sec:authentication="name"></a>
	<p>
		<a th:href="@{/index}"> INDEX</a>
		<a th:href="@{/admin}"> | ADMIN</a>
		<a th:href="@{/hello}"> | HELLO</a>
		<br/><hr/>
        <form th:action="@{/logout}" method="post">
            <input type="submit" class="btn btn-primary" value="注销"/>
        </form>
	</p>
</body>
</html>

hello.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"	
	xmlns:th="http://www.thymeleaf.org"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<meta content="text/html;charset=UTF-8"/>
<title>HELLO</title>
<link rel="stylesheet" th:href="@{static/css/bootstrap.min.css}"/>
<style type="text/css">
body { padding: 40px; }
</style>
</head>
<body>
	<h1>HELLO</h1>
	<br/>你好:<a sec:authentication="name"></a>
	<p>
		<a sec:authorize="hasAuthority('admin')" th:href="@{/index}"> INDEX</a>
		<a sec:authorize="hasAuthority('admin')" th:href="@{/admin}"> | ADMIN</a>
		<a sec:authorize="hasAuthority('admin')" th:href="@{/hello}"> | HELLO</a>
		<br/><hr/>
        <form th:action="@{/logout}" method="post" sec:authorize="hasAuthority('admin')">
            <input type="submit" class="btn btn-primary" value="注销"/>
        </form>
	</p>
</body>
</html>

index.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:th="http://www.thymeleaf.org"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<title>主页</title>
<link rel="stylesheet" th:href="@{static/css/bootstrap.min.css}"/>
<style type="text/css">
body { padding: 40px; }
</style>
</head>
<body>
	<h1>INDEX</h1>
	<br/>你好:<a sec:authentication="name"></a>
	<p>
		<a sec:authorize="hasAuthority('user')" th:href="@{/index}"> INDEX</a>
		<a sec:authorize="hasAuthority('admin')" th:href="@{/admin}"> | ADMIN</a>
		<a sec:authorize="hasAuthority('user')" th:href="@{/hello}"> | HELLO</a>
		<br/><hr/>
        <form th:action="@{/logout}" method="post">
            <input type="submit" class="btn btn-primary" value="注销"/>
        </form>
	</p>
</body>
</html>

login.html

<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<meta content="text/html;charset=UTF-8"/>
<title>登录</title>
<link rel="stylesheet" th:href="@{static/css/bootstrap.min.css}"/>
<style type="text/css">
body { padding: 20px; }
.starter-template { width:350px; padding: 0 40px; text-align: center; }
</style>
</head>
<body>
	<p>
		<a th:href="@{/index}"> INDEX</a>
		<a th:href="@{/admin}"> | ADMIN</a>
		<a th:href="@{/hello}"> | HELLO</a>
		<br/>
	</p>
	<hr/>
    <div class="starter-template">
     <p th:if="${param.logout}" class="bg-warning">已成功注销</p><!-- 1 -->
	<p th:if="${param.error}" class="bg-danger">有错误,请重试</p> <!-- 2 -->
	<h2>使用用户名密码登录</h2>
	<form name="form"  th:action="@{/login}" action="/login" method="POST"> <!-- 3 -->
		<div class="form-group">
			<label for="username">账号</label>
			<input type="text" class="form-control" name="username" value="" placeholder="账号" />
		</div>
		<div class="form-group">
			<label for="password">密码</label>
			<input type="password" class="form-control" name="password" placeholder="密码" />
		</div>
		<div class="form-group">
			<input type="submit" id="login" value="登录" class="btn btn-primary" />
		</div>

	</form>
    </div>
</body>
</html>

源码下载地址:待补充

在奋斗的大道
关注
  • 4
    点赞
  • 9
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Mysql_security_spring boot:spring security用mysql实现动态权限管理(spring boot 2.3.3)
weixin_32191051的博客
01-21 367
一,动态权限管理的优点和缺点1,优点:因为控制权限的数据保存在了mysql或其他存储系统中,可以动态修改权限控制,无需改动代码和重启应用,权限变更时灵活方便2,缺点:权限的设置需要保存在外部存储系统,每次request时都需要查库处理,高并发时影响效率说明:作者:刘宏缔 邮箱: 371125307@qq.com二,演示项目的相关信息1,项目地址:https://github.com/liuhong...
SpringSecurity权限管理框架系列(四)-Spring Security结合MySQL数据库实现自定义权限认证
最爱嫣夜来
03-22 3284
1、自定义权限认证的实现思路 自定义一个实体类LoginUser用来保存SygUser用户信息以及权限信息Set<String> permissions 让这个LoginUser实体类实现Userdetails接口 自定义的MyUserDetailsServiceImpl类的loadUserByUsername()方法中实现用户信息查询及该用户的权限信息查询 自定义的MyUserDetailsServiceImpl类的loadUserByUsername()方法返回LoginUs
spring boot 最佳实践(九)-- 数据访问权限
老螺丝的技术人生
12-13 1万+
数据权限访问安全性是一个比基于角色的规则更复杂的场景。 访问控制列表 (ACL Access Controller List)它是用来做细粒度权限控制所用的一种权限模型。对ACL最简单的描述就是两个业务员,每个人只能查看操作自己签的合同,而不能看到对方的合同信息。
SpringBoot整合SpringScurity权限控制(菜单权限,按钮权限)以及加上SSH实现安全传输
qq_63946922的博客
05-10 1222
如果你在设计一个需要存储用户密码的系统,强烈建议使用 bcrypt、PBKDF2 或 Argon2 而不是 MD5。这些现代算法提供了更高级别的安全保障,可以帮助你的系统抵御当前的威胁,如暴力破解和彩虹表攻击。选择正确的密码存储策略是保护用户数据安全的关键一步。
springBoot + springsecurity +MySQL8 +Thymeleaf 实现用户权限系统
zhouzhiwengang的专栏
04-30 930
第一步:项目整体结构说明: 基于springboot + springsecurity + mysql + themleaf 构建用户权限系统项目结构说明: 第二步:依赖的数据库脚本: 建库脚本: DROP TABLE IF EXISTS `u_permission`; CREATE TABLE IF NOT EXISTS `u_permission` ( `id` bigint...
spring boot集成mybatis和springsecurity实现权限控制功能
sinat_36005594的博客
12-21 617
上一篇已经实现了登录认证功能,这一篇继续实现权限控制功能,文中代码只贴出来和上一篇不一样的修改的地方,完整代码可结合上一篇一起整理。
项目实战——配置MySQL与Spring Security模块
qq_59539549的博客
11-14 636
PS:本篇文章主体内容并不涉及复杂代码的编写~~请大家放心食用hh。
SpringBoot+SpringSecurity+JWT+MybatisPlus实现基于注解的权限验证
08-26
SpringBoot+SpringSecurity+JWT+MybatisPlus实现基于注解的权限验证,可根据注解的格式不同,做到角色权限控制,角色加资源权限控制等,粒度比较细化。 @PreAuthorize("hasAnyRole('ADMIN','USER')"):具有admin或...
通用权限管理系统+springboot+mybatis plus+spring security+jwt+redis+mysql
05-30
后端使用SpringBoot框架进行业务逻辑开发,利用Spring Security实现权限控制。数据库采用MySQL进行数据存储,使用MyBatis进行数据访问。 权限控制模块设计包括用户、角色和权限三个主要模块。用户模块用于管理用户...
springboot+security+jwt+mybaits-plus+mysql实现权限管理
03-13
1.传统spring boot框架 2.security框架 3.jwt取代session 4.mybatis-plus+mysql【sql文件项目中有】 5.不想下载,可以看博客,博客中有写
SpringBoot+SpringSecurity整合(实现了登录认证和权限验证)完整案例,基于IDEA项目
02-16
SpringBoot+SpringSecurity整合示例代码,实现了从数据库中获取信息进行登录认证和权限认证。 本项目为idea工程,请用idea2019导入(老版应该也可以)。 本项目用户信息所需sql文件,在工程的resources文件夹下,...
Springboot整合Spring security+Oauth2+JWT搭建认证服务器,网关,微服务之间权限认证及授权
03-24
Springboot整合Spring security+Oauth2+JWT搭建认证服务器,网关,微服务之间权限认证及授权。 OAuth2是一个关于授权的开放标准,核心思路是通过各类认证手段(具体什么手段OAuth2不关心)认证用户身份,并颁发token(令牌),使得第三方应用可以使用该令牌在限定时间、限定范围访问指定资源。
权限管理系统 SpringBoot + MyBatisPlus + SpringSecurity+Mysql+Redis
最新发布
05-15
该项目利用了基于springboot + vue + mysql的开发模式框架实现的课设系统,包括了项目的源码资源、sql文件、相关指引文档等等。 【项目资源】:包含前端、后端、移动开发、操作系统、人工智能、物联网、信息化管理...
Spring WebFlux (3): mysql+Springboot Security实现登录鉴权
泛泛之素
08-12 3383
Security主要有两个功能: 登录 鉴权 Security通过一个user相关类存储用户信息,实现UserDetails接口功能: 看一下Security自带的User类, 主要变量: password:密码 username: 账户名 authorities: 访问权限 accountNonExpired:账户没有过期 isAccountNonLocked:账户没被锁定 (是否冻结) isCredentialsNonExpired:密码没有过期 isEnabled:账户是否可用(是否被删除)
SpringBoot整合Springsecurity实现数据库登录以及权限控制
热门推荐
qq_39620552的博客
10-16 4万+
我们今天使用SpringBoot来整合SpringSecurity,来吧,不多BB 首先呢,是一个SpringBoot 项目,连接数据库,这里我使用的是mybaties.mysql, 下面是数据库的表 DROP TABLE IF EXISTS `xy_role`; CREATE TABLE `xy_role` ( `xyr_id` int(11) NOT NULL AUTO_INCRE...
基于SpringBoot+mysql社团管理
QQ21503882的博客
02-12 2590
学生社团管理系统的使用用户共分为四种:普通浏览者、社团成员、社团负责人和社团管理员。除了普通浏览者外,其它用户都需要通用用户名和密码的进行身份验证,验证成功后通过设计的不同的使用权限,来实现使用或管理系统的各份功能。系统整体模块图如图所示: 代码已经上传github,下载地址:https://github.com/21503882/association 图4.1 社团管理系统...
Spring boot + Spring Security 实现用户登录管理
wtopps的专栏
10-20 2万+
前言 Spring Security,这是一种基于 Spring AOP 和 Servlet 过滤器的安全框架。它提供全面的安全性解决方案,同时在 Web 请求级和方法调用级处理身份确认和授权。其自身拥有一套管理用户登录信息的方法,本文就将介绍简单的使用Spring Security 来实现用户登录。 框架介绍 本文将使用Spring boot + Spring Security实现,S...
springBoot使用springSecurity入门详细配置,自定义登录,RBAC权限模型,数据库(Jpa+mysql)验证登录,验证码,json格式交互等(上篇)
to_study的博客
12-17 3811
只写如何应用,并不深入流程原理,如果想深入学习原理机制的只能失望了; springSecurity5.0开始默认必须对密码加密,之前的是可选; 0.准备工作,创建初始化的springBoot项目,版本是2.2.1 IDEA创建springBoot项目,勾选web,以来如下 <dependency> <groupId>org.springf...
使用 springboot+springsecurity+mybatis 来实现用户的注册和登录功能,并提供主界面的权限管理
06-01
好的,你的问题是如何使用springboot+springsecurity+mybatis来实现用户的注册和登录功能,并提供主界面的权限管理。 首先,我们需要创建一个Spring Boot项目,并将以下依赖添加到项目中: ``` <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.0.0</version> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>8.0.19</version> </dependency> ``` 接下来,我们需要创建一个User实体类,并在数据库中创建一个名为user的表,包含id、username、password、email等字段。 然后,我们需要创建一个UserMapper接口,用于与数据库交互。在该接口中,我们可以定义一些方法,如根据用户名查询用户信息、添加用户信息等。 接着,我们需要创建一个UserService类,在该类中,我们可以调用UserMapper接口中的方法来实现具体的业务逻辑,如用户注册、用户登录等。 在Spring Security中,我们需要创建一个SecurityConfig配置类,用于配置安全策略。在该类中,我们可以定义一些权限控制的规则,如哪些URL需要认证、哪些URL不需要认证等。 最后,我们需要创建一个Controller类,在该类中,我们可以调用UserService类中的方法来处理具体的请求,如注册、登录等。 以上是一个简单的使用springboot+springsecurity+mybatis实现用户注册和登录功能的流程,具体实现细节可以参考相关文档或案例代码。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值