Spring security用户认证(设置用户名密码)
1、通过配置文件实现设置用户名密码
重新启动我们的服务:
2、通过配置类继承接口实现设置用户名密码
2.1、创建一个SecurityConfig配置类
2.2、代码
package com.kgf.security.config;import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;@Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter {/**** 设置登录的用户* @param auth* @throws Exception*/@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {//用来加密BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();String password = encoder.encode("123456");auth.inMemoryAuthentication().withUser("test").password(password).roles("admin");}/**** 注入PasswordEncoder到spring中* @return*/@Beanpublic PasswordEncoder passwordEncoder(){return new BCryptPasswordEncoder();} }启动后,登录
3、通过自定义UserDetailsService的实现类设置用户名密码
3.1、项目结构如下
3.2、查看我们的SecurityConfig配置类
package com.kgf.security.config;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;@Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter {@Autowiredprivate UserDetailsService userDetailsService;/**** 设置登录的用户* @param auth* @throws Exception*/@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {//这是使用内存的方式 // BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); // String password = encoder.encode("123456"); // auth.inMemoryAuthentication().withUser("test").password(password).roles("admin");//下面使用自定义接口实现类从数据库查询auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());}/**** 注入PasswordEncoder到spring中* @return*/@Beanpublic PasswordEncoder passwordEncoder(){return new BCryptPasswordEncoder();} }3.3、查看我们自定义的MyUserDetailsService类
package com.kgf.security.service;import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service;import java.util.List;/**** spring security查询用户的时候会自动到这个类中去查找*/ @Service("userDetailsService") public class MyUserDetailsService implements UserDetailsService {@Overridepublic UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {//这里我们就不去查询数据库了,直接new一个对象ListauthorityList = AuthorityUtils.commaSeparatedStringToAuthorityList("role");return new User("admin",new BCryptPasswordEncoder().encode("123456"),authorityList);} } 3.4、启动项目访问
本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!