spring security 之 自定义用户登录初体验
项目环境及依赖参考上一篇文章
https://www.cnblogs.com/HanShisi/p/13273772.html
1 创建一个继承了 WebSecurityConfigurerAdapter 的类 覆盖configure(HttpSecurity http)
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
public class MyCloudSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder( );
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.and()
.authorizeRequests()
.anyRequest()
.authenticated();
}
}
2 实现 UserDetailsService 这里密码设置为123456
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;
@Component
public class MyCloudUserDetailService implements UserDetailsService {
private Logger logger = LoggerFactory.getLogger(MyCloudUserDetailService.class);
@Autowired
private PasswordEncoder passwordEncoder;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
logger.info(passwordEncoder.encode("123456"));
return new User(username,passwordEncoder.encode("123456"),
true,
true,
true,
true,
AuthorityUtils.commaSeparatedStringToAuthorityList("admin"));
}
}
重启项目 使用任意用户名和密码 123456 即可登录项目。
说明:MyCloudUserDetailsServiceImpl 在这个类中 可以注入各自项目中的dao层 查询用户信息将查询出的用户名和密码替换username 和 密码(123456)
PS: spring 5.0以后密码的传参方式有变必须要给一个加密方式