Spring security 知识笔记【内存角色授权】
一、原有的配置文件中,增加注解@EnableGlobalMethodSecurity(prePostEnabled = true)
二、原有配置文件中,内存新建账号的时候添加角色
package Eleven.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Bean public PasswordEncoder passwordEncoder(){ return new BCryptPasswordEncoder(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser("admin").password(passwordEncoder().encode("123456")).roles("admin"); auth.inMemoryAuthentication().withUser("user").password(passwordEncoder().encode("123456")).roles("normal"); } }
三、controller里面不同路径授予不同角色访问
package Eleven.controller; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; @RestController public class AuthenticationTestController { @GetMapping("/user") @PreAuthorize("hasAnyRole('normal')") public String helloWorld(){ return "This is a user page!"; } @GetMapping("/admin") @PreAuthorize("hasAnyRole('admin')") public String getAdminInfo(){ return "This is Admin page!"; } }
