Spring security 知识笔记【内存角色授权】

一、原有的配置文件中，增加注解@EnableGlobalMethodSecurity(prePostEnabled = true)

二、原有配置文件中，内存新建账号的时候添加角色

package Eleven.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("admin").password(passwordEncoder().encode("123456")).roles("admin");
        auth.inMemoryAuthentication().withUser("user").password(passwordEncoder().encode("123456")).roles("normal");
    }
}

 

三、controller里面不同路径授予不同角色访问

package Eleven.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;




@RestController
public class AuthenticationTestController {

    @GetMapping("/user")
    @PreAuthorize("hasAnyRole('normal')")
    public String helloWorld(){
        return "This is a user page!";
    }


    @GetMapping("/admin")
    @PreAuthorize("hasAnyRole('admin')")
    public String getAdminInfo(){
        return "This is Admin page!";
    }



}