SpringBoot集成Spring Security
SpringBoot集成Spring Security
第一步:导入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>${jwt.version}</version>
</dependency>
1.写controller层测试
注意:1.如果版本springboot为2.5.4过高,会直接跳过springsecurity的登录界面,报错为找不到页面4042.需要自己配置用户名和密码
spring:
security:
user:
name: admin
password: 123456
注意:认证默认的加密方式为:Base64
2.定制首页,登录页
package com.example.rity.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* @author 杨明书
* @Date 2021/09/02 10:36
*/
thymeleaf的头部:<html xmlns:th="http://www.thymeleaf.org">
/**
* @author 杨明书
* @Date 2021/09/02 11:57
*/
* SpringSecurity 的核心功能
* (1)认证(你是谁,用户/设备/系统)
* (2)验证(你能干什么,也叫权限控制、授权、允许执行的操作)
* (3)攻击防护(防止伪造省份)
* (4)认证功能、授权功能、加密功能、会话功能、缓存功能、remeberMe功能
3.加密
package com.exa.yms.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @author 杨明书
* @Date 2021/09/03 10:28
* WebSecurityConfigurerAdapter最重要,所有的东西依赖它
*/