SpringSecurity进行认证

不加密认证

 接口类

public interface UserService extends UserDetailsService {

    public void save(SysUser user);

    public List<SysUser> findAll();

    public Map<String, Object> toAddRolePage(Integer id);

    public void addRoleToUser(Integer userId, Integer[] ids);
}

 Service类

@Service
@Transactional
public class UserServiceImpl implements UserService {
    @Autowired
    private UserDao userDao;

    @Autowired
    private RoleService roleService;

    public void save(SysUser user) {
        userDao.save(user);
    }

    public List<SysUser> findAll() {
        return userDao.findAll();
    }

    public Map<String, Object> toAddRolePage(Integer id) {
        List<SysRole> allRoles = roleService.findAll();
        List<Integer> myRoles = userDao.findRolesByUid(id);
        Map<String, Object> map = new HashMap<String, Object> ();
        map.put("allRoles", allRoles);
        map.put("myRoles", myRoles);
        return map;
    }

    public void addRoleToUser(Integer userId, Integer[] ids) {
        userDao.removeRoles(userId);
        for (Integer rid : ids) {
            userDao.addRoles(userId, rid);
        }
    }

    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        SysUser sysUser = userDao.findByName(username);
        if(sysUser==null){
        //若用户名不对,直接返回null,表示认证失败。
            return null;
        }
        List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();
        List<SysRole> roles = sysUser.getRoles();
        for (SysRole role : roles) {
            authorities.add(new SimpleGrantedAuthority(role.getRoleName()));
        }
        System.out.println(sysUser);
        //最终需要返回一个SpringSecurity的UserDetails对象,{noop}表示不加密认证。
        return new User(sysUser.getUsername(), "{noop}"+sysUser.getPassword(), authorities);
    }
}

在SpringSecurity主配置文件中指定认证使用的业务对象

<!--设置Spring Security认证用户信息的来源-->
<security:authentication-manager>
     <security:authentication-provider user-service-ref="userServiceImpl">
     </security:authentication-provider>
</security:authentication-manager>

 登陆

 

 加密认证

 

 测试类:

public class Test {

    public static void main(String[] args) {
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        String encode = passwordEncoder.encode("123");
        //xrvpAkhezroVcZbO2CmyBOIzme1kAhTdGLxGXaCj76UPSm7O5CAca
        System.out.println(encode);
    }
}
 public void save(SysUser user) {
        user.setPassword(passwordEncoder.encode(user.getPassword()));
        userDao.save(user);
    }

 去掉不加密认证

posted @ 2020-02-26 22:09  天宇轩-王  阅读(234)  评论(0编辑  收藏  举报