springboot整合springsecurity

案例

本案例以springboot整合springsecurity和thymeleaf俩进行实现
1、引入依赖

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.thymeleaf.extras</groupId>
            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
        </dependency>

2、配置自定义Security管理类,继承WebSecurityConfigurerAdapter类,添加注解@EnableWebSecurity交给springboot管理

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/first/*").hasAnyRole("vip1")
                .antMatchers("/second/*").hasAnyRole("vip2")
                .antMatchers("/third/*").hasAnyRole("vip3");
        http.formLogin().loginPage("/toLogin").usernameParameter("username").passwordParameter("password").loginProcessingUrl("/login");
        http.csrf().disable();
        http.logout().logoutSuccessUrl("/");
        http.rememberMe().rememberMeParameter("rememberMe");
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                .withUser("zhang1").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1")
                .and()
                .withUser("zhang2").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2")
                .and()
                .withUser("zhang3").password(new BCryptPasswordEncoder().encode("123456")).roles("vip3")
                .and()
                .withUser("admin").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1","vip2","vip3");
    }
}


版权声明:本文为qq_43803695原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。