1. 引入依赖
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
2.resource下template目录下
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
登录账号:<span sec:authentication="name"></span><br>
登录账号:<span sec:authentication="principal.username"></span><br>
凭证:<span sec:authentication="credentials"></span><br>
权限和角色:<span sec:authentication="authorities"></span><br>
客户端地址:<span sec:authentication="details.remoteAddress"></span><br>
sessionId:<span sec:authentication="details.sessionId"></span><br>
权限判断
<button sec:authorize="hasAuthority('/insert')">insert</button>
<button sec:authorize="hasAuthority('/delete')">delete</button>
<button sec:authorize="hasAuthority('/update')">update</button>
<button sec:authorize="hasAuthority('/select')">select</button><br>
角色判断
<button sec:authorize="hasRole('aaa')">insert</button>
<button sec:authorize="hasRole('aaa')">delete</button>
<button sec:authorize="hasRole('aaa')">update</button>
<button sec:authorize="hasRole('aaa')">select</button>
</body>
</html>
3.UserDetail类下加入权限进行判断
return new User(username,password,
//创建权限和角色
AuthorityUtils.commaSeparatedStringToAuthorityList("admin,normal,ROLE_aaa,/index.html,/insert,/delete"));
4.退出登录
<body>
<a href="index1.html">index1</a><br>
index
<a href="/logout">logout</a>
</body>
//退出登录
http.logout()
//自定义退出url 调整html界面的url
// .logoutUrl("/user/logout")
.logoutSuccessUrl("/login.html");
