• spring boot 下 spring security 自定义登录配置与form-login属性详解

    package zhet.sprintBoot;

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.builders.WebSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;

    /**
    * @author sdcuike
    * @date 2018/1/28
    * @since 2018/1/28
    */
    @Configuration
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(prePostEnabled = true)
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private CustomUserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailsService).passwordEncoder( new PasswordEncoder() {
    @Override
    public String encode(CharSequence charSequence) {
    return charSequence.toString();
    }

    @Override
    public boolean matches(CharSequence charSequence, String s) {
    return s.equals(charSequence.toString());
    }
    });
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    http
    // 设置登陆页
    .formLogin() 

    // login22.html 在 static 文件夹下
    .loginPage("/login22.html")

    //自定义登录页的 action  = "/login"
    .loginProcessingUrl("/login") // 自定义的登录接口

    // 设置登陆成功页
    .defaultSuccessUrl("/home.html")
    .failureUrl("/loginFaile.html").permitAll()
    .and().authorizeRequests()
    // .antMatchers("/login").permitAll()
    .anyRequest().authenticated();

    // 如果有允许匿名的url,填在下面
    // .antMatchers().permitAll()


    // 自定义登陆用户名和密码参数,默认为username和password
    // .usernameParameter("username")
    // .passwordParameter("password")
    // .and()
    // .logout().permitAll()

    // 关闭CSRF跨域
    http.csrf().disable();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
    // 设置拦截忽略文件夹,可以对静态资源放行
    web.ignoring().antMatchers("/css/**", "/js/**");
    }
    }
  • 相关阅读:
    rowid去重(转)
    Oracle中 row_number() over()分析函数(转)
    oracle分页计算公式
    vue 生产环境和线上环境配置
    vue postcss 样式等比缩放
    element-ui 表单输入手机号验证是否注册或者存在
    使用vue-qr 生成 二维码
    vue下载excel文件,后台传过来的是文件流解决办法
    前端请求接口发送的路径用域名代替ip
    将本地端口映射子域名
  • 原文地址:https://www.cnblogs.com/jichen/p/9540530.html
Copyright © 2020-2023  润新知