您的位置:首页技术文章
文章详情页

Spring Security基于数据库实现认证过程解析

更多 QQ空间 微信 QQ好友 腾讯朋友 复制链接
【字号: 日期:2023-08-21 08:16:58浏览:3作者:猪猪

创建数据库

SET FOREIGN_KEY_CHECKS=0;-- ------------------------------ Table structure for role-- ----------------------------DROP TABLE IF EXISTS `role`;CREATE TABLE `role` (`id` int(11) NOT NULL AUTO_INCREMENT,`name` varchar(32) DEFAULT NULL,`nameZh` varchar(32) DEFAULT NULL,PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;-- ------------------------------ Records of role-- ----------------------------INSERT INTO `role` VALUES (’1’, ’dba’, ’数据库管理员’);INSERT INTO `role` VALUES (’2’, ’admin’, ’系统管理员’);INSERT INTO `role` VALUES (’3’, ’user’, ’用户’);-- ------------------------------ Table structure for user-- ----------------------------DROP TABLE IF EXISTS `user`;CREATE TABLE `user` (`id` int(11) NOT NULL AUTO_INCREMENT,`username` varchar(32) DEFAULT NULL,`password` varchar(255) DEFAULT NULL,`enabled` tinyint(1) DEFAULT NULL,`locked` tinyint(1) DEFAULT NULL,PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;-- ------------------------------ Records of user-- ----------------------------INSERT INTO `user` VALUES (’1’, ’root’, ’$2a$10$RMuFXGQ5AtH4wOvkUqyvuecpqUSeoxZYqilXzbz50dceRsga.WYiq’, ’1’, ’0’);INSERT INTO `user` VALUES (’2’, ’admin’, ’$2a$10$RMuFXGQ5AtH4wOvkUqyvuecpqUSeoxZYqilXzbz50dceRsga.WYiq’, ’1’, ’0’);INSERT INTO `user` VALUES (’3’, ’sang’, ’$2a$10$RMuFXGQ5AtH4wOvkUqyvuecpqUSeoxZYqilXzbz50dceRsga.WYiq’, ’1’, ’0’);-- ------------------------------ Table structure for user_role-- ----------------------------DROP TABLE IF EXISTS `user_role`;CREATE TABLE `user_role` (`id` int(11) NOT NULL AUTO_INCREMENT,`uid` int(11) DEFAULT NULL,`rid` int(11) DEFAULT NULL,PRIMARY KEY (`id`)) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;-- ------------------------------ Records of user_role-- ----------------------------INSERT INTO `user_role` VALUES (’1’, ’1’, ’1’);INSERT INTO `user_role` VALUES (’2’, ’1’, ’2’);INSERT INTO `user_role` VALUES (’3’, ’2’, ’2’);INSERT INTO `user_role` VALUES (’4’, ’3’, ’3’);SET FOREIGN_KEY_CHECKS=1;

导入依赖

<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId></dependency><dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId></dependency><dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.1.3</version></dependency><dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> <version>5.1.46</version></dependency><dependency> <groupId>com.alibaba</groupId> <artifactId>druid-spring-boot-starter</artifactId> <version>1.1.22</version></dependency>

spring.datasource.url=jdbc:mysql://127.0.0.1:3306/javaboy?useUnicode=true&characterEncoding=utf8spring.datasource.username=rootspring.datasource.password=rootspring.datasource.type=com.alibaba.druid.pool.DruidDataSource

让bean实现UserDetails接口

public class User implements UserDetails { private Integer id; private String username; private String password; private Boolean enabled; private Boolean locked; private List<Role> roles; public List<Role> getRoles() { return roles; } public void setRoles(List<Role> roles) { this.roles = roles; } public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public void setUsername(String username) { this.username = username; } public void setPassword(String password) { this.password = password; } public void setEnabled(Boolean enabled) { this.enabled = enabled; } public void setLocked(Boolean locked) { this.locked = locked; } @Override public Collection<? extends GrantedAuthority> getAuthorities() { List<SimpleGrantedAuthority> authorities = new ArrayList<>(); for (Role role : roles) { authorities.add(new SimpleGrantedAuthority('ROLE_' + role.getName())); } return authorities; } @Override public String getPassword() { return password; } public String getUsername() { return username; } //账户是否未过期 @Override public boolean isAccountNonExpired() { return true; } //账户是否未锁定 @Override public boolean isAccountNonLocked() { return !locked; } @Override public boolean isCredentialsNonExpired() { return true; } @Override public boolean isEnabled() { return enabled; }}

public class Role { private Integer id; private String name; private String nameZh;...}

userMapper

在类上直接加@Mapper或者在SpringBoot启动类上配置全局的扫描@MapperScan(basePackages='')

@Mapperpublic interface UserMapper { User loadUserByUsername(String username); List<Role> getUserRolesById(Integer id);}

<?xml version='1.0' encoding='UTF-8' ?><!DOCTYPE mapper PUBLIC '-//mybatis.org//DTD Mapper 3.0//EN' 'http://mybatis.org/dtd/mybatis-3-mapper.dtd'><mapper namespace='com.qwl.mysecuritydb.mapper.UserMapper'> <select resultType='com.qwl.mysecuritydb.bean.User'> select * from user where username = #{username} </select> <select resultType='com.qwl.mysecuritydb.bean.Role'> select * from role where id in(select rid from user_role where uid=#{id}) </select></mapper>

userService 同样也要继承UserServiceDetails接口

@Servicepublic class UserService implements UserDetailsService { @Autowired UserMapper userMapper; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { User user =userMapper.loadUserByUsername(username); if(user==null){ throw new UsernameNotFoundException('用户不存在'); } user.setRoles(userMapper.getUserRolesById(user.getId())); return user; }}

HelloController

@RestControllerpublic class HelloController { @GetMapping('/hello') public String hello(){ return 'hello security'; } @GetMapping('/dba/hello') public String dba(){ return 'hello dba'; } @GetMapping('/admin/hello') public String admin(){ return 'hello admin'; } @GetMapping('/user/hello') public String user(){ return 'hello user'; }}

SecurityConfig

SercurityConfig需要继承WebSecurityConfigurerAdapter类,并在类上加@Configuration SpringSecurity5.0之后密码必须加密 把数据库查出的用户信息交给SpringSecurity处理 配置httpSercurity

@Configurationpublic class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired UserService userService;//把数据库查出的用户信息交给SpringSecurity处理 @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userService); } @Bean PasswordEncoder passwordEncoder(){ return new BCryptPasswordEncoder(); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers('/dba/**').hasRole('dba').antMatchers('/admin/**').hasRole('admin').antMatchers('/user/**').hasRole('user').anyRequest().authenticated().and().formLogin().permitAll().and().csrf().disable(); }}

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持好吧啦网。

标签: Spring
上一条:Spring Cache整合Redis实现方法详解下一条:SpringSecurity如何实现配置单个HttpSecurity
相关文章:
1. Java集合功能与用法实例详解2. CentOS7使用docker部署Apollo配置中心的实现3. Docker Hub运行原理及实现过程解析4. docker利用单个镜像映射到多个端口操作5. asp.net core应用docke部署到centos7的全过程6. 详解docker compose 用法7. Docker数据卷容器创建及使用方法解析8. Django多个app urls配置代码实例9. 解决Docker启动Elasticsearch7.x报错的问题10. 在docker容器中调用和执行宿主机的docker操作
排行榜
Java集合功能与用法实例详解
Java集合功能与用法实例详解
1. CentOS7使用docker部署Apollo配置中心的实现
2. Django多个app urls配置代码实例
3. asp.net core应用docke部署到centos7的全过程
4. docker利用单个镜像映射到多个端口操作
5. Docker Hub运行原理及实现过程解析
6. 在docker容器中调用和执行宿主机的docker操作
7. 解决Docker启动Elasticsearch7.x报错的问题
8. 详解docker compose 用法
9. Docker数据卷容器创建及使用方法解析
10. Docker 部署单机版 Pulsar 和集群架构 Redis(开发神器)的方法
热门标签