入门

父工程依赖

     <!-- 依赖版本号 -->
    <properties>
        <mybatis-plus.version>3.2.0</mybatis-plus.version>
        <druid.version>1.1.12</druid.version>
        <oauth2-autoconfigure.version>2.1.3.RELEASE</oauth2-autoconfigure.version>
        <kaptcha.version>2.3.2</kaptcha.version>
        <fastjson.version>1.2.8</fastjson.version>
        <commons-lang.version>2.6</commons-lang.version>
        <commons-collections.version>3.2.2</commons-collections.version>
        <commons-io.version>2.6</commons-io.version>
    </properties>
 
    <!-- 集中式管理依赖版本号,并没有真实依赖 -->
    <dependencyManagement>
        <dependencies>
            <!--mybatis-plus启动器-->
            <dependency>
                <groupId>com.baomidou</groupId>
                <artifactId>mybatis-plus-boot-starter</artifactId>
                <version>${mybatis-plus.version}</version>
            </dependency>
            <!--druid连接池-->
            <dependency>
                <groupId>com.alibaba</groupId>
                <artifactId>druid</artifactId>
                <version>${druid.version}</version>
            </dependency>
 
            <!--spring-security-oauth2、spring-security-jwt等-->
            <dependency>
                <groupId>org.springframework.security.oauth.boot</groupId>
                <artifactId>spring-security-oauth2-autoconfigure</artifactId>
                <version>${oauth2-autoconfigure.version}</version>
            </dependency>
            <!-- kaptcha 用于图形验证码 -->
            <dependency>
                <groupId>com.github.penggle</groupId>
                <artifactId>kaptcha</artifactId>
                <version>${kaptcha.version}</version>
            </dependency>
            <!-- 工具类依赖 -->
            <dependency>
                <groupId>com.alibaba</groupId>
                <artifactId>fastjson</artifactId>
                <version>${fastjson.version}</version>
            </dependency>
            <dependency>
                <groupId>commons-lang</groupId>
                <artifactId>commons-lang</artifactId>
                <version>${commons-lang.version}</version>
            </dependency>
            <dependency>
                <groupId>commons-collections</groupId>
                <artifactId>commons-collections</artifactId>
                <version>${commons-collections.version}</version>
            </dependency>
            <dependency>
                <groupId>commons-io</groupId>
                <artifactId>commons-io</artifactId>
                <version>${commons-io.version}</version>
            </dependency>
        </dependencies>
    </dependencyManagement>
 
    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.7.0</version>
                <configuration>
                    <source>1.8</source>
                    <target>1.8</target>
                    <encoding>UTF-8</encoding>
                </configuration>
            </plugin>
        </plugins>
    </build>

base子模块依赖

     <dependencies>
        <!--类中setter/getter,使用注解-->
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
        </dependency>
        <!-- 工具类依赖 -->
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>fastjson</artifactId>
        </dependency>
        <dependency>
            <groupId>commons-lang</groupId>
            <artifactId>commons-lang</artifactId>
        </dependency>
        <dependency>
            <groupId>commons-collections</groupId>
            <artifactId>commons-collections</artifactId>
        </dependency>
        <dependency>
            <groupId>commons-io</groupId>
            <artifactId>commons-io</artifactId>
        </dependency>
    </dependencies>

resources文件夹下编写logback.xml

 <?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <!-- 彩色日志 -->
    <!-- 彩色日志依赖的渲染类 -->
    <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
    <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
    <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
    <!-- 彩色日志格式 -->
    <property name="CONSOLE_LOG_PATTERN" value="${CONSOLE_LOG_PATTERN:-%clr(%d{HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>
    <!-- ch.qos.logback.core.ConsoleAppender 表示控制台输出 -->
    <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
        <layout class="ch.qos.logback.classic.PatternLayout">
                <pattern>${CONSOLE_LOG_PATTERN}</pattern>
        </layout>
    </appender>
    <root level="info">
        <appender-ref ref="stdout" />
    </root>
</configuration>

core子模块依赖

     <dependencies>
        <!--依赖base基础模块 -->
        <dependency>
            <groupId>com.ychen.security</groupId>
            <version>1.0-SNAPSHOT</version>
            <artifactId>base</artifactId>
        </dependency>
        <!-- 认证依赖 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <!-- 解决过滤器错误 -->
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>servlet-api</artifactId>
            <version>2.5</version>
        </dependency>
    </dependencies>

配置类

 @Configuration
@EnableWebSecurity // 开启springsecurity过滤链 filter
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
    
    Logger logger = LoggerFactory.getLogger(getClass());
 
    @Bean
    public PasswordEncoder passwordEncoder() {
        // 明文+随机盐值》加密存储
        return new BCryptPasswordEncoder();
    }
 
    /**
     * 认证管理器：
     * 1. 认证信息（用户名，密码）
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 数据库存储的密码必须是加密后的，不然会报错：There is no PasswordEncoder mapped for the id "null"
        String password = passwordEncoder().encode("admin");
        logger.info("加密之后存储的密码：" + password);
        auth.inMemoryAuthentication().withUser("admin")
                .password(password).authorities("ADMIN");
    }
 
    /**
     * 资源权限配置：
     * 1. 被拦截的资源
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                // 登录的url
                .loginProcessingUrl("/login")
                // 登录成功后跳转url
                .defaultSuccessUrl("/success").permitAll()
                // 不需要认证就能访问
                .and().authorizeRequests()
                .antMatchers("/test").permitAll()
                // 其他请求需要认证
                .anyRequest().authenticated()
                // 关闭csrf
                .and().csrf().disable();
    }
 
}

web子模块依赖

     <dependencies>
        <!-- web启动器, 对springmvc, servlet等支持 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <!--权限核心模块, 注意：要放到 web启动器下面-->
        <dependency>
            <groupId>com.ychen.security</groupId>
            <version>1.0-SNAPSHOT</version>
            <artifactId>core</artifactId>
        </dependency>
        <!-- application.yml 配置处理器-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-configuration-processor</artifactId>
            <optional>true</optional>
        </dependency>
        <!-- springboot 单元测试 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
        </dependency>
        <!--热部署 ctrl+f9-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
        </dependency>
    </dependencies>

启动类

 @SpringBootApplication
public class WebApplication {
 
    public static void main(String[] args) {
        SpringApplication.run(WebApplication.class, args);
    }
 
}

测试接口

 @Controller
public class TestController {
 
    // 需要认证才能访问的路径
    @RequestMapping({"/index", "/", ""})
    @ResponseBody
    public String index() {
        return "index";
    }
 
    // 不需要认证就能访问的路径
    @RequestMapping("/test")
    @ResponseBody
    public String test() {
        return "test";
    }
 
    // 认证成功后跳转的路径
    @GetMapping("/success")
    @ResponseBody
    public String success(){
        return "success";
    }
 
}

未认证时，直接访问test接口，访问成功
未认证时，直接访问index接口，跳转到认证页面
输入用户名和密码，跳转到index

posted @ 2022-06-24 05:19 DogLeftover 阅读(17) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

相关博文：

· 依赖管理和扫描路径

· security单点登录案例

· 2.父工程配置

· 创建父子工程

· springSecurity SpringCloud 【2】依赖

阅读排行：
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗？
· 10年+ .NET Coder 心语 ── 封装的思维：从隐藏、稳定开始理解其本质意义
· 【设计模式】告别冗长if-else语句：使用策略模式优化代码结构
· 字符编码：从基础到乱码解决
· 提示词工程——AI应用必不可少的技术

入门

我的标签

合集 (4)

随笔分类 (1350)

阅读排行榜

推荐排行榜

	<!-- 依赖版本号 -->
	<properties>
	<mybatis-plus.version>3.2.0</mybatis-plus.version>
	<druid.version>1.1.12</druid.version>
	<oauth2-autoconfigure.version>2.1.3.RELEASE</oauth2-autoconfigure.version>
	<kaptcha.version>2.3.2</kaptcha.version>
	<fastjson.version>1.2.8</fastjson.version>
	<commons-lang.version>2.6</commons-lang.version>
	<commons-collections.version>3.2.2</commons-collections.version>
	<commons-io.version>2.6</commons-io.version>
	</properties>

	<!-- 集中式管理依赖版本号,并没有真实依赖 -->
	<dependencyManagement>
	<dependencies>
	<!--mybatis-plus启动器-->
	<dependency>
	<groupId>com.baomidou</groupId>
	<artifactId>mybatis-plus-boot-starter</artifactId>
	<version>${mybatis-plus.version}</version>
	</dependency>
	<!--druid连接池-->
	<dependency>
	<groupId>com.alibaba</groupId>
	<artifactId>druid</artifactId>
	<version>${druid.version}</version>
	</dependency>

	<!--spring-security-oauth2、spring-security-jwt等-->
	<dependency>
	<groupId>org.springframework.security.oauth.boot</groupId>
	<artifactId>spring-security-oauth2-autoconfigure</artifactId>
	<version>${oauth2-autoconfigure.version}</version>
	</dependency>
	<!-- kaptcha 用于图形验证码 -->
	<dependency>
	<groupId>com.github.penggle</groupId>
	<artifactId>kaptcha</artifactId>
	<version>${kaptcha.version}</version>
	</dependency>
	<!-- 工具类依赖 -->
	<dependency>
	<groupId>com.alibaba</groupId>
	<artifactId>fastjson</artifactId>
	<version>${fastjson.version}</version>
	</dependency>
	<dependency>
	<groupId>commons-lang</groupId>
	<artifactId>commons-lang</artifactId>
	<version>${commons-lang.version}</version>
	</dependency>
	<dependency>
	<groupId>commons-collections</groupId>
	<artifactId>commons-collections</artifactId>
	<version>${commons-collections.version}</version>
	</dependency>
	<dependency>
	<groupId>commons-io</groupId>
	<artifactId>commons-io</artifactId>
	<version>${commons-io.version}</version>
	</dependency>
	</dependencies>
	</dependencyManagement>

	<build>
	<plugins>
	<plugin>
	<groupId>org.apache.maven.plugins</groupId>
	<artifactId>maven-compiler-plugin</artifactId>
	<version>3.7.0</version>
	<configuration>
	<source>1.8</source>
	<target>1.8</target>
	<encoding>UTF-8</encoding>
	</configuration>
	</plugin>
	</plugins>
	</build>

	<dependencies>
	<!--类中setter/getter,使用注解-->
	<dependency>
	<groupId>org.projectlombok</groupId>
	<artifactId>lombok</artifactId>
	</dependency>
	<!-- 工具类依赖 -->
	<dependency>
	<groupId>com.alibaba</groupId>
	<artifactId>fastjson</artifactId>
	</dependency>
	<dependency>
	<groupId>commons-lang</groupId>
	<artifactId>commons-lang</artifactId>
	</dependency>
	<dependency>
	<groupId>commons-collections</groupId>
	<artifactId>commons-collections</artifactId>
	</dependency>
	<dependency>
	<groupId>commons-io</groupId>
	<artifactId>commons-io</artifactId>
	</dependency>
	</dependencies>

	<?xml version="1.0" encoding="UTF-8"?>
	<configuration>
	<!-- 彩色日志 -->
	<!-- 彩色日志依赖的渲染类 -->
	<conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
	<conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
	<conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
	<!-- 彩色日志格式 -->
	<property name="CONSOLE_LOG_PATTERN" value="${CONSOLE_LOG_PATTERN:-%clr(%d{HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>
	<!-- ch.qos.logback.core.ConsoleAppender 表示控制台输出 -->
	<appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
	<layout class="ch.qos.logback.classic.PatternLayout">
	<pattern>${CONSOLE_LOG_PATTERN}</pattern>
	</layout>
	</appender>
	<root level="info">
	<appender-ref ref="stdout" />
	</root>
	</configuration>

	<dependencies>
	<!--依赖base基础模块 -->
	<dependency>
	<groupId>com.ychen.security</groupId>
	<version>1.0-SNAPSHOT</version>
	<artifactId>base</artifactId>
	</dependency>
	<!-- 认证依赖 -->
	<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-security</artifactId>
	</dependency>
	<!-- 解决过滤器错误 -->
	<dependency>
	<groupId>javax.servlet</groupId>
	<artifactId>servlet-api</artifactId>
	<version>2.5</version>
	</dependency>
	</dependencies>

	@Configuration
	@EnableWebSecurity // 开启springsecurity过滤链 filter
	public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

	Logger logger = LoggerFactory.getLogger(getClass());

	@Bean
	public PasswordEncoder passwordEncoder() {
	// 明文+随机盐值》加密存储
	return new BCryptPasswordEncoder();
	}

	/**
	* 认证管理器：
	* 1. 认证信息（用户名，密码）
	* @param auth
	* @throws Exception
	*/
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	// 数据库存储的密码必须是加密后的，不然会报错：There is no PasswordEncoder mapped for the id "null"
	String password = passwordEncoder().encode("admin");
	logger.info("加密之后存储的密码：" + password);
	auth.inMemoryAuthentication().withUser("admin")
	.password(password).authorities("ADMIN");
	}

	/**
	* 资源权限配置：
	* 1. 被拦截的资源
	* @param http
	* @throws Exception
	*/
	@Override
	protected void configure(HttpSecurity http) throws Exception {
	http.formLogin()
	// 登录的url
	.loginProcessingUrl("/login")
	// 登录成功后跳转url
	.defaultSuccessUrl("/success").permitAll()
	// 不需要认证就能访问
	.and().authorizeRequests()
	.antMatchers("/test").permitAll()
	// 其他请求需要认证
	.anyRequest().authenticated()
	// 关闭csrf
	.and().csrf().disable();
	}

	}

	<dependencies>
	<!-- web启动器, 对springmvc, servlet等支持 -->
	<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-web</artifactId>
	</dependency>
	<!--权限核心模块, 注意：要放到 web启动器下面-->
	<dependency>
	<groupId>com.ychen.security</groupId>
	<version>1.0-SNAPSHOT</version>
	<artifactId>core</artifactId>
	</dependency>
	<!-- application.yml 配置处理器-->
	<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-configuration-processor</artifactId>
	<optional>true</optional>
	</dependency>
	<!-- springboot 单元测试 -->
	<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-test</artifactId>
	</dependency>
	<!--热部署 ctrl+f9-->
	<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-devtools</artifactId>
	</dependency>
	</dependencies>

	@SpringBootApplication
	public class WebApplication {

	public static void main(String[] args) {
	SpringApplication.run(WebApplication.class, args);
	}

	}

	@Controller
	public class TestController {

	// 需要认证才能访问的路径
	@RequestMapping({"/index", "/", ""})
	@ResponseBody
	public String index() {
	return "index";
	}

	// 不需要认证就能访问的路径
	@RequestMapping("/test")
	@ResponseBody
	public String test() {
	return "test";
	}

	// 认证成功后跳转的路径
	@GetMapping("/success")
	@ResponseBody
	public String success(){
	return "success";
	}

	}