• springboot-security

    一、添加依赖

      <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

    二、添加启动configuration 启动SpringSecurity过滤链

    import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.annotation.Resource;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/27 15:34
 */
@Configuration
@EnableWebSecurity //启动SpringSecurity过滤链
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
    @Resource
    private AuthUserDetailService authUserDetailService;

    //该方法的作用是代替之前的配置:<security:authentication-manager>
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()).withUser("eric").password(new BCryptPasswordEncoder().encode("abc")).authorities("PRO_ADD");
        //相当于<security:authentication-provider user-service-ref="authUserDetailService">
        auth.userDetailsService(authUserDetailService).passwordEncoder(new BCryptPasswordEncoder());
    }
    //该方法的作用是代替之前的配置:<security:http>
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/manager/pro/del").hasAnyAuthority("Role_Del")
                .antMatchers("/manager/login").permitAll()
                .antMatchers("/manager/**")
                .fullyAuthenticated()
                .and()
                .formLogin().loginPage("/manager/login").failureHandler( new MyAuthenticationFailureHandler())
                .successHandler(new MyAuthenticationSuccessHandler())
                .and()
                .csrf().disable();


    }
}

    同一错误页面转发

    import org.springframework.boot.web.server.ConfigurableWebServerFactory;
import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.WebServerFactory;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.context.EmbeddedValueResolverAware;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpStatus;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/27 16:41
 */
@Configuration
public class ErrorPageConfig {
    @Bean
    public WebServerFactoryCustomizer<ConfigurableWebServerFactory> webServerFactoryCustomizer(){
        return new WebServerFactoryCustomizer<ConfigurableWebServerFactory>(){
            //ErrorPage:定义错误页面
            //参数一 错误状态码
            //参数二 交给哪个请求处理
            @Override
            public void customize(ConfigurableWebServerFactory factory) {
                factory.addErrorPages(new ErrorPage(HttpStatus.FORBIDDEN,"/403"));
            }


        };
    }
}

    用户权限赋予类

    import cn.net.topnet.topfs.dynamicdb.MongodbTemplateContextHolder;
import cn.net.topnet.topfs.entities.Permissions;
import cn.net.topnet.topfs.entities.Users;
import cn.net.topnet.topfs.service.UserService;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/28 10:03
 @Description: 实现了UserDetailsService接口中的loadUserByUsername方法
  * 执行登录,构建Authentication对象必须的信息,
  * 如果用户不存在,则抛出UsernameNotFoundException异常
 * @Param: [s]
 * @return: org.springframework.security.core.userdetails.UserDetails
 */
@Service
public class AuthUserDetailService implements UserDetailsService {
    @Resource
    private UserService userService;

    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
        /**
         * @Author: Galen
         * @Description: 查询数据库,获取登录的用户信息
         **/
        MongodbTemplateContextHolder.setMongoDBTemplate("metadata");
        Users user = userService.findOneByUserName(s);
        if(user==null){
            throw new UsernameNotFoundException("用户名错误!");
        }
        MongodbTemplateContextHolder.setMongoDBTemplate("metadata");
        Set<Permissions> allPermissions = userService.findAllPermissionsByName(s);
        List<GrantedAuthority> authorities=new ArrayList<GrantedAuthority>();
        allPermissions.forEach(permissions -> {
            GrantedAuthority grantedAuthority=new SimpleGrantedAuthority(permissions.getSymbol());
            authorities.add(grantedAuthority);
        });
        user.setAuthorities(authorities);
        return user;
    }
}

    验证失败拦截器

    import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.authentication.*;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/28 14:02
 */
public class MyAuthenticationFailureHandler implements AuthenticationFailureHandler {
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        response.setContentType("application/json;charset=utf-8");
        Map result=new HashMap();
        if (exception instanceof BadCredentialsException ||
                exception instanceof UsernameNotFoundException) {
            result.put("error","账户名或者密码输入错误!");
        } else if (exception instanceof LockedException) {
            result.put("error","账户被锁定,请联系管理员!");
        } else if (exception instanceof CredentialsExpiredException) {
            result.put("error","密码过期,请联系管理员!");
        } else if (exception instanceof AccountExpiredException) {
            result.put("error","账户过期,请联系管理员!");
        } else if (exception instanceof DisabledException) {
            result.put("error","账户被禁用,请联系管理员!");
        } else {
            result.put("error","登录失败!");
        }
        ObjectMapper objectMapper=new ObjectMapper();
        response.setContentType("Text/json;charset=utf-8");
        response.getWriter().write(objectMapper.writeValueAsString(result));


    }
}

    验证成功拦截器

    import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/28 14:37
 */
public class MyAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        Map result=new HashMap();
        result.put("success",true);
        ObjectMapper objectMapper=new ObjectMapper();
        response.getWriter().write(objectMapper.writeValueAsString(result));
    }
}

    用户实体类

    import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/27 17:26
 */
public class Users implements UserDetails {

    private String id;
    private String username;
    private String realName;
    private String password;
    private Date creatDate;
    private Date lastLoginTime;
    private boolean enabled;
    private boolean accountNonExpired;
    private boolean accountNonLocked;
    private boolean credentialsNonExpired;
    private List<GrantedAuthority> authorities=new ArrayList<>();
    public String getId() {
        return id;
    }

    public void setAuthorities(List<GrantedAuthority> authorities) {
        this.authorities = authorities;
    }

    public void setId(String id) {
        this.id = id;
    }

    @Override
    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getRealName() {
        return realName;
    }

    public void setRealName(String realName) {
        this.realName = realName;
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return this.authorities;
    }

    @Override
    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public Date getCreatDate() {
        return creatDate;
    }

    public void setCreatDate(Date creatDate) {
        this.creatDate = creatDate;
    }

    public Date getLastLoginTime() {
        return lastLoginTime;
    }

    public void setLastLoginTime(Date lastLoginTime) {
        this.lastLoginTime = lastLoginTime;
    }

    @Override
    public boolean isEnabled() {
        return enabled;
    }

    public void setEnabled(boolean enabled) {
        this.enabled = enabled;
    }

    @Override
    public boolean isAccountNonExpired() {
        return accountNonExpired;
    }

    public void setAccountNonExpired(boolean accountNonExpired) {
        this.accountNonExpired = accountNonExpired;
    }

    @Override
    public boolean isAccountNonLocked() {
        return accountNonLocked;
    }

    public void setAccountNonLocked(boolean accountNonLocked) {
        this.accountNonLocked = accountNonLocked;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return credentialsNonExpired;
    }

    public void setCredentialsNonExpired(boolean credentialsNonExpired) {
        this.credentialsNonExpired = credentialsNonExpired;
    }
}

    controller

    import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Autor zhangjiawen
 * @Date: 2020/4/27 15:45
 */
@Controller
@RequestMapping("/manager")
public class SecurityController {

    @GetMapping("/index")
    public String index(){
        return "index";
    }

    @GetMapping("/pro/add")
    public String add(){
        return "add";
    }
    @GetMapping("/pro/update")
    public String update(){
        return "update";
    }
    @GetMapping("/pro/del")
    public String del(){
        return "del";
    }

    @GetMapping("/403")
    public String forbidden(){
        return "403";
    }
    @GetMapping("/login")
    public String login(){
        return "login";
    }

}

    login.html

    <!DOCTYPE html >
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form action="/api/v1/manager/login" method="post">
账号:<input type="text" name="username"/>
    密码:<input type="text" name="password">
    <input type="submit" value="登录" />
    <span th:text="${error}"></span>

</form>

</body>
</html>

    密码加密代码块

        @Override
    public Users insert(Users entity) {
        PasswordEncoder passwordEncoder=new BCryptPasswordEncoder();
        entity.setPassword(passwordEncoder.encode(entity.getPassword()));
        return mongoTemplate.insert(entity);
    }
  • 相关阅读:
    达到J2EE在后台action控制接待javascript弹出的对话框
    .Net下一个Winform方案可以让MessageBox.Show它显示在父窗口的中间
    Apache Commons-logging使用实例
    java aopalliance-1.0.jar这个包是做什么用的?
    antlr-2.7.6.jar的作用
    ORA-12516 TNS监听程序找不到符合协议堆栈要求的可用处理程序--解决方法
    Java 使用poi导入excel,结合xml文件进行数据验证的例子(增加了jar包)
    javaweb学习总结(二十六)——jsp简单标签标签库开发(二)
    javaweb学习总结(二十五)——jsp简单标签开发(一)
    javaweb学习总结(二十四)——jsp传统标签开发
  • 原文地址:https://www.cnblogs.com/jiawen010/p/12802850.html
Copyright © 2020-2023  润新知