• spring security结合数据库验证用户-注解方式

    项目目录结构如下:

    首先数据库的建立和数据导入,以及一些类的依赖参考XML配置方式,需要修改一些配置。

    一、在AppConfig文件中添加DataSource的配置
    @Bean(name = "dataSource")
    public DriverManagerDataSource dataSource() {
        DriverManagerDataSource driverManagerDataSource = new DriverManagerDataSource();
        driverManagerDataSource.setDriverClassName("com.mysql.jdbc.Driver");
        driverManagerDataSource.setUrl("jdbc:mysql://192.168.11.81:3306/security_learning");
        driverManagerDataSource.setUsername("petter");
        driverManagerDataSource.setPassword("petter");
        return driverManagerDataSource;
    }

    类似于spring-database.xml的配置

    修改:
    @Bean
    public SpringTemplateEngine springTemplateEngine() {
        SpringTemplateEngine springTemplateEngine = new SpringTemplateEngine();
        springTemplateEngine.setTemplateResolver(springResourceTemplateResolver());
        springTemplateEngine.addDialect(new SpringSecurityDialect());
        return springTemplateEngine;
    }

    添加SpringSecurityDialect

    二、修改SecurityConfig文件
    package com.petter.config;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import javax.annotation.Resource;
import javax.sql.DataSource;
/**
 * 相当于spring-security.xml中的配置
 * @author hongxf
 * @since 2017-03-08 9:30
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Resource
    private DataSource dataSource;
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource)
                .usersByUsernameQuery("select username,password, enabled from users where username = ?")
                .authoritiesByUsernameQuery("select username, role from user_roles where username = ?");
    }
    /**
     * 配置权限要求
     * 采用注解方式,默认开启csrf
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin/**").hasRole("ADMIN")
                .antMatchers("/dba/**").hasAnyRole("ADMIN", "DBA")
            .and()
                .formLogin().loginPage("/login")
                .defaultSuccessUrl("/welcome").failureUrl("/login?error")
                .usernameParameter("user-name").passwordParameter("pwd")
            .and()
                .logout().logoutSuccessUrl("/login?logout")
            .and()
                .exceptionHandling().accessDeniedPage("/403")
            .and()
                .csrf();
    }
}

    三、html文件的添加和修改参考XML配置方式

    启动程序测试即可
     
  • 相关阅读:
    每天一个linux命令(57):ss命令
    [原][osg][osgearth]我眼中的osgearth
    [osg]osgDB的加载机制,使用3DS插件做参考(转,整理现有osgDB资料)
    [原][osgearth]osgearthviewer读取earth文件,代码解析(earth文件读取的一帧)
    [原][译][osgearth]Model Source Drivers模型驱动源(OE官方文档翻译)
    [原][译][osgearth]样式表style中参数总结(OE官方文档翻译)
    [原][osgearth]API加载earth文件的解析
    [原][译][osgearth]API加载地球(OE官方文档翻译)
    [osgearth]Earth文件详解
    [osgearth]通过API创建一个earth模型
  • 原文地址:https://www.cnblogs.com/hongxf1990/p/6555848.html
Copyright © 2020-2023  润新知