标签:return Spring login springframework public org security class 搭建
整个阴间版本,不推荐在项目里这样去使用,直接使用springboot就行了。这里只是为了更好的了解框架。
既有 xml 配置,也有servlet3.0 的方式加载,不过这2种方式都是基于spring注解来做的。
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.zzhua</groupId>
<artifactId>demo-spring-security</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>2.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>5.0.2.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.0.2.RELEASE</version>
</dependency>
<!--整合spring-security-->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>5.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>5.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>5.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.47</version>
</dependency>
<!--<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.16</version>
</dependency>
-->
</dependencies>
<build>
<finalName>demo-spring-security</finalName>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.2</version>
<configuration>
<!-- 配置端口 -->
<port>8080</port>
<!-- 配置urlencoding -->
<uriEncoding>UTF-8</uriEncoding>
<!-- 配置项目的访问路径 -->
<path>/</path>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
</project>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1">
<context-param>
<param-name>contextClass</param-name>
<param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
</context-param>
<!-- 使用spring 监听器 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Spring核心配置文件 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>com.zzhua.config.AppConfig</param-value>
</context-param>
<!-- 配置SpringMVC -->
<servlet>
<servlet-name>springMvc</servlet-name>
<servlet-class>com.zzhua.config.CustomizeDispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>com.zzhua.config.MyWebConfig</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springMvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- 代理过滤器 -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
AppConfig
@Configuration
@Import({MySecurityConfig.class})
public class AppConfig {
}
CustomizeDispatcherServlet
public class CustomizeDispatcherServlet extends DispatcherServlet {
public Class<?> getContextClass() {
return AnnotationConfigWebApplicationContext.class;
}
}
Servlet3.0 配置(可忽略)
MyWebApplicationInitializer
public class MyWebApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
public void onStartup(ServletContext servletContext) throws ServletException {
super.onStartup(servletContext);
}
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[]{AppConfig.class};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{MyWebConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
}
*/
SpringSecurityApplicationInitializer
// 目的是为了配置: DelegatingFilterProxy去包含springSecurityFilterChain的名字
public class SpringSecurityApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
public SpringSecurityApplicationInitializer() {
}
}
@Configuration
@EnableWebMvc
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ComponentScan(basePackages = "com.zzhua.controller"
,excludeFilters = {@ComponentScan.Filter(type = FilterType.ANNOTATION
,classes = Service.class)})
public class MyWebConfig implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("redirect:/login");
registry.addViewController("/login").setViewName("login");
registry.addViewController("/out").setViewName("out");
}
@Override
public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
converters.add(responseBodyConverter());
}
@Bean
public HttpMessageConverter<String> responseBodyConverter() {
return new StringHttpMessageConverter(Charset.forName("UTF-8"));
}
@Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setPrefix("/WEB-INF/view/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
}
MySecurityConfig
@Configuration
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable() // 关闭csrf
.authorizeRequests()
.antMatchers("/r/r1").hasAuthority("p1")
.antMatchers("/r/r2").hasAuthority("p2")
.antMatchers("/r/r3").hasRole("admin")
.antMatchers("/**").authenticated()
.anyRequest().permitAll()
.and()
.formLogin()
// .successForwardUrl("/login-success") // 登录成功之后,转发到此url
.successHandler(
// 主要是想登录成功之后修改掉浏览器地址栏的url,所以改为重定向而非转发
(request, response, authentication) ->
response.sendRedirect("/login-success"))
.loginProcessingUrl("/doLogin")
.loginPage("/login")
.permitAll()
.and()
.logout()
.logoutUrl("/doLogout")
.logoutSuccessUrl("/login")
;
}
// 配置用户信息
@Bean
public UserDetailsService userDetailsService() {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
// 角色和权限的区别就是:角色前面多了个ROLE_
manager.createUser(User.withUsername("zhangsan").password("123").authorities("p1","ROLE_admin").build());
manager.createUser(User.withUsername("lisi").password("456").authorities("p2").build());
return manager;
// return new CustomizeUserDetailsService();
}
// 密码匹配器
@Bean
public PasswordEncoder passwordEncoder() {
return NoOpPasswordEncoder.getInstance();
}
}
IndexController
@Controller
public class IndexController {
@RequestMapping("index")
public String index() {
return "index";
}
@RequestMapping("login-success")
public String loginSuccess() {
return "login_success";
}
}
RController
@RestController
@RequestMapping("r")
public class RController {
/**
* 测试资源1
*
* @return
*/
@GetMapping(value = "r1")
public String r1() {
return " 访问资源1";
}
/**
* 测试资源2
*
* @return
*/
@GetMapping(value = "r2")
public String r2() {
return " 访问资源2";
}
@GetMapping(value = "r3")
public String r3() {
return " 访问资源3";
}
@RequestMapping("r4")
@PreAuthorize("hasAnyRole('admin')")
public String r4() {
return "访问资源4";
}
}
jsp页面
index.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
halo~
</body>
</html>
login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form method="post" action="/doLogin">
用户名:<input type="text" name="username">
密码: <input type="text" name="password">
<input type="submit" value="提交">
</form>
</body>
</html>
login_success.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
登录成功
</body>
</html>
out.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
退出成功
</body>
</html>
标签:return,Spring,login,springframework,public,org,security,class,搭建 来源: https://blog.csdn.net/qq_16992475/article/details/122789505
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。