Python 官方文档:入门教程 => 点击学习
目录springSecurity1、pom.xml简介1、pom.xml2、Security的controller3、路径转发的controller注销及权限控制1、导入依赖thym
shrio,SpringSecurity:认证,授权(VIP1,vip2…)
<!--Thymeleaf-->
<dependency>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf-spring5</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-java8time</artifactId>
</dependency>
Spring Security是针对Spring项目的安全框架,也是Spring Boot底层安全模块默认的技术选型,他可以实现强大的WEB安全控制,对于安全控制,我们仅需要引入Spring-boot-starter-security模块,进行少量的配置,即可实现强大的安全管理!
记住几个类:
Spring Security的两个主要目标是“认证”和“授权”(访问控制) .
“认证”(Authentication)
“授权”(Authorization)
这个概念是通用的,而不是只在Spring Security中存在。
<!--security-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
package com.kuang.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.httpsecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPassWordEncoder;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
//定义访问规则:首页每个人都可以访问,但是功能也只有特定权限的人才能访问 链式编程
//授权
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/level1
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
.withUser("qin").password(new BCryptPasswordEncoder().encode("111")).roles("vip1","vip2","vip3")
.and()
.withUser("aaa").password(new BCryptPasswordEncoder().encode("111")).roles("vip1");
}
}
package com.kuang.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
@Controller
public class PathController {
@GetMapping({"/","index"}) //"/""index"都会去到index.html
public String Toindex(){
return "index";
}
@GetMapping("/toLogin")
public String Tologin(){
return "views/login";
}
@GetMapping("/level1/{id}") //@PathVariable获得url的占位符里面的值
public String ToView(@PathVariable("id")int id){
return "views/level1/"+id;
}
@GetMapping("/level2/{id}")
public String ToView2(@PathVariable("id")int id){
return "views/level2/"+id;
}
@GetMapping("/level3/{id}")
public String ToView3(@PathVariable("id")int id){
return "views/level3/"+id;
}
}
当然也可以在数据库中拿信息
没有权限的话会自动转发到/login
//没有权限默认跳转到登陆页面 /login
http.fORMLogin();
//开启注销
http.logout();
<!--thymeleof整合security-->
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
xmlns:sec=http://www.thymeleaf.org/extras/spring-security
用spring-security实现用户登录后显示用户角色的信息
<!--thymeleof整合security-->
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<html lang="en" xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
本篇文章就到这里了,希望能够给你带来帮助,也希望您能够多多关注编程网的更多内容!
--结束END--
本文标题: java SpringSecurity使用详解
本文链接: https://www.lsjlt.com/news/133894.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
下载Word文档到电脑,方便收藏和打印~
2024-03-01
2024-03-01
2024-03-01
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
官方手机版
微信公众号
商务合作
0