springboot-security环境搭建和用户认证后授权

pom.xml环境要导的包#

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.lu</groupId>
    <artifactId>springboot-security</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>springboot-security</name>
    <description>springboot-security</description>
    <properties>
        <java.version>17</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>


<!--        security包-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

配置包config#

package com.lu.config;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


@EnableWebSecurity
public class securityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //首页所有人都可以访问,功能页只有拥有权限的人才可以访问,下面是链式编程
        http.authorizeHttpRequests()
                .antMatchers("/").permitAll()//全都可以访问
                .antMatchers("/level1/**").hasRole("vip1")//需要一些角色可以访问
                .antMatchers("/level2/**").hasRole("vip2")
                .antMatchers("/level3/**").hasRole("vip3");
        http.formLogin();//没有权限会自动跳转到登录页面
    }


//        //正常这些数据应给从数据库中读取
//        //密码加密编码PasswordEncoder
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {  //AuthenticationManagerBuilder授权管理建造者
    auth.inMemoryAuthentication()   //inMemoryAuthentication()在内存中存储授权信息
            .withUser("admin").password(new BCryptPasswordEncoder().encode("12345")).roles("vip1","vip2","vip3").and()  //授权用户1信息配置
            .withUser("lu").password(new BCryptPasswordEncoder().encode("12345")).roles("vip1").and()         //授权用户2信息配置
            .withUser("lisi").password(new BCryptPasswordEncoder().encode("12345")).roles("vip2","vip3").and()             //授权用户3信息配置
            .passwordEncoder(new BCryptPasswordEncoder());
    //结不了课明天看官方文档
    }



}

controller#

package com.lu.controller;


import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class TextController {
    @RequestMapping({"/", "/index"})
    public String index() {
        return "/index";
    }

    @RequestMapping("/login")
    public String login() {
        return "views/login";
    }

//    @RequestMapping("/vs/{id1}/{id2}")
//    public String views(@PathVariable("id1") int id1,@PathVariable("id2") int id2){
//        return "views/level"+id1+"/"+id2;
//    }

    @RequestMapping("/level1/{id}")
    public String level1(@PathVariable("id") int id) {//这里写的要和前端对应不对应要报404
        return "views/level1/" + id;
    }

    @RequestMapping("/level2/{id}")
    public String level2(@PathVariable("id") int id) {
        return "views/level2/" + id;
    }

    @RequestMapping("/level3/{id}")
    public String level3(@PathVariable("id") int id) {
        return "views/level3/" + id;
    }
}

application#

spring.thymeleaf.cache=false 
server.port=8081

这里省略前端页面前端页面网上有资源#

作者:freps

出处:https://www.cnblogs.com/freps/p/18459267

版权:本作品采用「署名-非商业性使用-相同方式共享 4.0 国际」许可协议进行许可。

posted @   LL。。。  阅读(3)  评论(0编辑  收藏  举报  
相关博文:
·  springboot-security注销及权限控制
·  springboot-shiro(大集合)
·  spring boot 3.3.3 通用 pom.xml
·  Spring Security
·  200_SpringSecurity
阅读排行:
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?
· 【译】Visual Studio 中新的强大生产力特性
· 10年+ .NET Coder 心语 ── 封装的思维:从隐藏、稳定开始理解其本质意义
· 【设计模式】告别冗长if-else语句:使用策略模式优化代码结构
more_horiz
keyboard_arrow_up dark_mode palette
选择主题
menu
点击右上角即可分享
微信分享提示
AI IDE Trae