Spring Security 4.X 零配置,草稿记录
2016-05-04 18:29
"org.springframework.security:spring-security-web:4.1.0.RELEASE","org.springframework.security:spring-security-taglibs:4.1.0.RELEASE","org.springframework.security:spring-security-config:4.1.0.RELEASE"
configure(WebSecurity web)
/**
 * Declares the URL patterns that Spring Security does not intercept.
 *
 * <p>Requests matching an ignored pattern bypass the security filter chain
 * completely: no authentication or authorization is applied to them, and the
 * response headers and CSRF handling configured on {@code HttpSecurity} do not
 * apply either.
 *
 * @param web builder for the web-level security configuration
 * @throws Exception if the configuration cannot be applied
 */
@Override
public void configure(WebSecurity web) throws Exception {
    // NOTE(review): presumably /pm/** and /common/** hold only static assets;
    // confirm that no controller or dynamic view is mapped under these prefixes,
    // because anything served there is reachable without logging in.
    String[] uninterceptedPatterns = {"/pm/**", "/common/**", "/*.ico"};
    web.ignoring().antMatchers(uninterceptedPatterns);
}
configure(HttpSecurity http)
/**
 * Configures URL authorization, response headers and the login mechanisms.
 *
 * @param http builder for the HTTP security configuration
 * @throws Exception if the configuration cannot be applied
 */
protected void configure(HttpSecurity http) throws Exception {
    // The login page is opened to anonymous visitors; every other request
    // requires an authenticated user.
    http.authorizeRequests().antMatchers("/login").anonymous();
    http.authorizeRequests().anyRequest().authenticated();

    // Allow pages to be embedded in an iframe. disable() drops the
    // X-Frame-Options header altogether, so pages can be framed by any origin.
    // NOTE(review): if only the application's own pages frame each other,
    // frameOptions().sameOrigin() keeps the clickjacking protection in place.
    http.headers().frameOptions().disable();

    // HTTP Basic stays enabled next to the form login.
    // NOTE(review): Basic credentials travel with every request, so this is
    // only acceptable over TLS; confirm some client actually needs it.
    http.httpBasic();

    // defaultSuccessUrl: page shown after a successful login;
    // loginPage: URL of the login form.
    http.formLogin().defaultSuccessUrl("/main.to").loginPage("/login").permitAll();
}
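1.容许嵌入框架iframe跳转(注意:frameOptions().disable() 会完全去掉 X-Frame-Options 响应头,任何站点都可以把本应用的页面嵌入 iframe;如果只是本站页面之间互相嵌套,使用 frameOptions().sameOrigin() 即可)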
.and().headers().frameOptions().disable()
2.指定登录界面
.and().formLogin().loginPage("/login")
3.指定登录成功后返回界面
.and().formLogin().defaultSuccessUrl("/main.to")
进入后台时进行权限验证
packagecom.framework.security;
importorg.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
/**
 * Switches on method-level security so that {@code @PreAuthorize} and
 * {@code @PostAuthorize} expressions ({@code prePostEnabled = true}) are
 * evaluated on annotated methods.
 *
 * <p>NOTE(review): no {@code @Configuration} annotation is visible on this
 * class; confirm that it is registered with the application context, because
 * otherwise the {@code @PreAuthorize} checks on the handlers are never applied.
 *
 * @author tzz
 * Created 2016/5/5
 */
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig {
    // Intentionally empty: the annotation carries the whole configuration.
}
后台函数权限验证(范例)
/**
 * Example handler guarded by a method-level permission check: the request is
 * rejected unless the caller holds the permission code {@code 002_02_202}.
 *
 * <p>NOTE(review): in Spring Security 4, {@code hasRole('X')} matches the
 * authority {@code ROLE_X} unless X already starts with that prefix. Confirm
 * that the authorities loaded for the user carry the prefix (role prefix on
 * the user-details service, or in the stored code); if they do not,
 * {@code hasAuthority('002_02_202')} is the matching expression.
 *
 * @param name      full company name (required request parameter)
 * @param nameShort short company name (required request parameter)
 * @param remark    free-text remark (required request parameter)
 * @return the response map, serialized into the response body
 */
@PreAuthorize("hasRole('002_02_202')")
@ResponseBody
@RequestMapping(
        value = "/company.add",
        method = RequestMethod.POST,
        params = {"nameShort", "name", "remark"})
public Map<String, Object> add(String name, String nameShort, String remark) {
    // .... (handler body omitted in the original post)
}
configure(AuthenticationManagerBuilder auth)
1.自定义盐值加密配置
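// Authentication provider that checks the submitted password against the
// stored hash, using a per-user salt.
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
ReflectionSaltSource saltSource = new ReflectionSaltSource();
// "salt" is the UserInfo property (UserInfo.salt) that holds the salt value.
saltSource.setUserPropertyToUse("salt");
// Hand the salt source to the provider; without this call the salt source is
// created but never used, and passwords are compared unsalted.
authProvider.setSaltSource(saltSource);
// NOTE(review): Md5PasswordEncoder is a single fast MD5 digest; even salted it
// is cheap to brute-force offline if the account table leaks.
// BCryptPasswordEncoder (spring-security-crypto) manages its own salt and is
// the better choice for new deployments; switching means re-hashing the
// stored passwords.
authProvider.setPasswordEncoder(new Md5PasswordEncoder());
auth.authenticationProvider(authProvider);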
2.自定义用户权限信息
自定义用户信息SQL
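// Loads one account row by login name. The login name is bound through the
// "?" placeholder, never concatenated into the statement. The column order
// matters: UserInfoService.loadUsersByUsername reads the columns by position
// (1 = account ... 10 = login_ip).
private String usersByUsernameQuery =
        "SELECT account,pwd,stat,salt,id,company_id,name,login_stat,login_date,login_ip"
        + " FROM USER_ACCOUNT WHERE ACCOUNT=?";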
自定义权限信息SQL
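// Loads the permission rows of one account. The bound parameter is the
// numeric account id, and the second column (POWER_CODE) is the value that
// UserInfoService.loadUserAuthorities turns into a granted authority.
private String authoritiesByUsernameQuery =
        "SELECT NAME,POWER_CODE FROM VW_USER_POWER WHERE ACCOUNT_ID=?";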
自定义用户权限信息:对 configure(AuthenticationManagerBuilder auth) 进行修改
/**
 * Registers a DAO-backed authentication provider that loads users through
 * {@link #userDetailsService()} and verifies passwords as salted MD5 digests.
 *
 * @param auth builder the provider is registered with
 * @throws Exception if the configuration cannot be applied
 */
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    // The salt is read from the "salt" property of the loaded user object.
    final ReflectionSaltSource perUserSalt = new ReflectionSaltSource();
    perUserSalt.setUserPropertyToUse("salt");

    final DaoAuthenticationProvider daoProvider = new DaoAuthenticationProvider();
    daoProvider.setUserDetailsService(userDetailsService());
    daoProvider.setSaltSource(perUserSalt);
    // NOTE(review): Md5PasswordEncoder is a single fast MD5 digest; even salted
    // it is cheap to brute-force offline if the account table leaks.
    // BCryptPasswordEncoder (spring-security-crypto) manages its own salt and
    // is the better choice for new deployments; switching means re-hashing the
    // stored passwords.
    daoProvider.setPasswordEncoder(new Md5PasswordEncoder());

    auth.authenticationProvider(daoProvider);
}
/**
 * Builds the user-details service with the custom user and authority queries.
 *
 * <p>A new {@code UserInfoService} is created on every call. {@code dataSource}
 * is a field of the enclosing configuration class that is not shown in this
 * snippet.
 *
 * @return a service wired with both SQL statements and the data source
 */
protected UserInfoService userDetailsService() {
    UserInfoService service = new UserInfoService();
    // Each setter returns the service itself, so the calls can be chained or,
    // as here, issued one by one.
    service.setAuthoritiesUsernameQuery(this.authoritiesByUsernameQuery);
    service.setUsersUsernameQuery(this.usersByUsernameQuery);
    service.dataSource(dataSource);
    return service;
}
packagecom.framework.security;
importorg.apache.commons.logging.Log;
importorg.apache.commons.logging.LogFactory;
importorg.springframework.context.support.MessageSourceAccessor;
importorg.springframework.dao.DataAccessException;
importorg.springframework.jdbc.core.RowMapper;
importorg.springframework.security.core.GrantedAuthority;
importorg.springframework.security.core.SpringSecurityMessageSource;
importorg.springframework.security.core.authority.AuthorityUtils;
importorg.springframework.security.core.authority.SimpleGrantedAuthority;
importorg.springframework.security.core.userdetails.UserDetails;
importorg.springframework.security.core.userdetails.UserDetailsService;
importorg.springframework.security.core.userdetails.UsernameNotFoundException;
importorg.springframework.security.provisioning.JdbcUserDetailsManager;
importjavax.sql.DataSource;
importjava.util.*;
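/**
 * JDBC-backed user-details service that loads {@link UserInfo} principals with
 * application-specific SQL.
 *
 * <p>The user query is expected to return, in this order: account, password
 * hash, enabled flag, salt, id, company id, name, login status, login date and
 * login IP. The authority query is parameterized with the numeric user id and
 * its second column is used as the authority name.
 *
 * <p>Database failures propagate as {@link DataAccessException}. They are not
 * swallowed, so authentication fails with a data-access error rather than
 * with a {@code NullPointerException}.
 *
 * @author tzz
 * Created 2016/5/3
 */
public class UserInfoService extends JdbcUserDetailsManager implements UserDetailsService {

    protected final Log logger = LogFactory.getLog(getClass());
    protected final MessageSourceAccessor messages = SpringSecurityMessageSource
            .getAccessor();

    /** SQL that selects the account row for a login name (one {@code ?} parameter). */
    private String usersByUsernameQuery;

    /** SQL that selects the permission rows for a user id (one {@code ?} parameter). */
    private String authoritiesByUsernameQuery;

    /** Creates a service; queries and data source are supplied through the fluent setters. */
    public UserInfoService() {
    }

    /**
     * Loads the account for {@code username} together with its authorities.
     *
     * @param username login name submitted by the caller
     * @return a fully populated {@link UserInfo}
     * @throws UsernameNotFoundException if no row matches, or the user has no authority
     * @throws DataAccessException if a query fails
     */
    @Override
    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException, DataAccessException {
        List<UserDetails> users = loadUsersByUsername(username);
        if (users.isEmpty()) {
            // NOTE(review): username is caller-supplied and is written to the
            // debug log unmodified; strip line breaks if these logs are collected.
            logger.debug("Query returned no results for user '" + username + "'");
            throw new UsernameNotFoundException(messages.getMessage(
                    "JdbcDaoImpl.notFound", new Object[] {username},
                    "Username {0} not found"));
        }

        // Only the first matching row is used.
        UserInfo user = (UserInfo) users.get(0);

        Set<GrantedAuthority> dbAuthsSet = new HashSet<>();
        if (getEnableAuthorities()) {
            // Authorities are keyed by the numeric account id, not the login name.
            dbAuthsSet.addAll(loadUserAuthorities(user.getId()));
        }
        if (getEnableGroups()) {
            dbAuthsSet.addAll(loadGroupAuthorities(user.getUsername()));
        }

        List<GrantedAuthority> dbAuths = new ArrayList<>(dbAuthsSet);
        addCustomAuthorities(user.getUsername(), dbAuths);

        if (dbAuths.isEmpty()) {
            logger.debug("User '" + username
                    + "' has no authorities and will be treated as 'not found'");
            throw new UsernameNotFoundException(messages.getMessage(
                    "JdbcDaoImpl.noAuthority", new Object[] {username},
                    "User {0} has no GrantedAuthority"));
        }
        return createUserDetails(username, user, dbAuths);
    }

    /**
     * Builds the final principal from the queried row and the combined authorities.
     *
     * <p>The account-expired, credentials-expired and account-locked flags are
     * fixed to {@code true} ("not expired / not locked"); only the enabled flag
     * from the user query can block a login.
     *
     * @param username            the name passed to {@link #loadUserByUsername(String)}
     * @param userFromUserQuery   the row returned by the user query
     * @param combinedAuthorities all authorities granted to the user
     * @return the principal handed to the authentication provider
     */
    protected UserDetails createUserDetails(String username,
            UserInfo userFromUserQuery, List<GrantedAuthority> combinedAuthorities) {
        String returnUsername = isUsernameBasedPrimaryKey()
                ? userFromUserQuery.getUsername()
                : username;

        UserInfo user = new UserInfo(returnUsername, userFromUserQuery.getPassword(),
                userFromUserQuery.isEnabled(), true, true, true, combinedAuthorities);
        user.setId(userFromUserQuery.getId());
        user.setCompanyId(userFromUserQuery.getCompanyId());
        user.setName(userFromUserQuery.getName());
        user.setLoginStat(userFromUserQuery.getLoginStat());
        user.setLoginDate(userFromUserQuery.getLoginDate());
        user.setLoginIP(userFromUserQuery.getLoginIP());
        // The salt must stay on the principal: the salt source reads it by reflection.
        user.setSalt(userFromUserQuery.getSalt());
        return user;
    }

    /**
     * Loads authorities by executing the SQL from {@code authoritiesByUsernameQuery}.
     *
     * <p>The authority name is {@code getRolePrefix()} followed by the second
     * result column.
     * NOTE(review): {@code hasRole('X')} expressions in Spring Security 4 look
     * for {@code ROLE_X}; confirm that the role prefix or the stored codes
     * provide that prefix.
     *
     * @param userId numeric id of the account
     * @return a list of GrantedAuthority objects for the user (possibly empty)
     * @throws DataAccessException if the query fails
     */
    protected List<GrantedAuthority> loadUserAuthorities(int userId) {
        return getJdbcTemplate().query(this.authoritiesByUsernameQuery,
                new Object[] {userId},
                (RowMapper<GrantedAuthority>) (rs, rowNum) ->
                        new SimpleGrantedAuthority(getRolePrefix() + rs.getString(2)));
    }

    /**
     * Loads the account rows by executing the SQL from {@code usersByUsernameQuery}.
     *
     * @param username login name, bound as the only query parameter
     * @return the matching users without authorities (possibly empty)
     * @throws DataAccessException if the query fails
     */
    @Override
    protected List<UserDetails> loadUsersByUsername(String username) {
        return getJdbcTemplate().query(this.usersByUsernameQuery, new Object[] {username},
                (RowMapper<UserDetails>) (rs, rowNum) -> {
                    String account = rs.getString(1);
                    String password = rs.getString(2);
                    boolean enabled = rs.getBoolean(3);
                    UserInfo user = new UserInfo(account, password, enabled, true, true, true,
                            AuthorityUtils.NO_AUTHORITIES);
                    user.setSalt(rs.getString(4));
                    user.setId(rs.getInt(5));
                    user.setCompanyId(rs.getInt(6));
                    user.setName(rs.getString(7));
                    user.setLoginStat(rs.getInt(8));
                    user.setLoginDate(rs.getLong(9));
                    user.setLoginIP(rs.getString(10));
                    return user;
                });
    }

    /**
     * Sets the SQL used to load a user's authorities.
     *
     * @param authoritiesByUsernameQuery statement with one {@code ?} for the user id
     * @return this service, for chaining
     */
    public UserInfoService setAuthoritiesUsernameQuery(String authoritiesByUsernameQuery) {
        this.authoritiesByUsernameQuery = authoritiesByUsernameQuery;
        return this;
    }

    /**
     * Sets the SQL used to load the account row.
     *
     * @param usersByUsernameQuery statement with one {@code ?} for the login name
     * @return this service, for chaining
     */
    public UserInfoService setUsersUsernameQuery(String usersByUsernameQuery) {
        this.usersByUsernameQuery = usersByUsernameQuery;
        return this;
    }

    /**
     * Sets the data source the queries run against.
     *
     * @param dataSource JDBC data source
     * @return this service, for chaining
     */
    public UserInfoService dataSource(DataSource dataSource) {
        super.setDataSource(dataSource);
        return this;
    }
}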
packagecom.framework.security;
importorg.springframework.security.core.GrantedAuthority;
importorg.springframework.security.core.userdetails.User;
importjava.util.Collection;
/**
 * Principal used by the application: the standard Spring Security
 * {@link User} extended with account metadata and the password salt.
 *
 * @author tzz
 * Created 2016/5/3
 */
public class UserInfo extends User {

    private int id;
    // Company the account belongs to.
    private int companyId;
    // ID of the system the user is currently logged in to.
    private int loginSystemId = 0;
    // Display name of the user.
    private String name;
    // Login status: 1 = logged in, 2 = not logged in.
    private int loginStat;
    // IP address of the login.
    private String loginIP;
    // Time of the login.
    private long loginDate;
    // Per-user password salt; exposed as the "salt" property.
    private String salt;

    /**
     * Creates a user from name, password and authorities only.
     *
     * @param username    login name
     * @param password    stored password hash
     * @param authorities authorities granted to the user
     */
    public UserInfo(String username, String password,
            Collection<? extends GrantedAuthority> authorities) {
        super(username, password, authorities);
    }

    /**
     * Creates a user with explicit account-state flags.
     *
     * @param username              login name
     * @param password              stored password hash
     * @param enabled               whether the account is enabled
     * @param accountNonExpired     whether the account has not expired
     * @param credentialsNonExpired whether the credentials have not expired
     * @param accountNonLocked      whether the account is not locked
     * @param authorities           authorities granted to the user
     */
    public UserInfo(String username, String password, boolean enabled,
            boolean accountNonExpired, boolean credentialsNonExpired,
            boolean accountNonLocked,
            Collection<? extends GrantedAuthority> authorities) {
        super(username, password, enabled, accountNonExpired, credentialsNonExpired,
                accountNonLocked, authorities);
    }

    /** @return the account id */
    public int getId() {
        return this.id;
    }

    /** @param id the account id */
    public void setId(int id) {
        this.id = id;
    }

    /** @return id of the owning company */
    public int getCompanyId() {
        return this.companyId;
    }

    /** @param companyId id of the owning company */
    public void setCompanyId(int companyId) {
        this.companyId = companyId;
    }

    /** @return id of the system currently logged in to */
    public int getLoginSystemId() {
        return this.loginSystemId;
    }

    /** @param loginSystemId id of the system currently logged in to */
    public void setLoginSystemId(int loginSystemId) {
        this.loginSystemId = loginSystemId;
    }

    /** @return the display name */
    public String getName() {
        return this.name;
    }

    /** @param name the display name */
    public void setName(String name) {
        this.name = name;
    }

    /** @return login status (1 = logged in, 2 = not logged in) */
    public int getLoginStat() {
        return this.loginStat;
    }

    /** @param loginStat login status (1 = logged in, 2 = not logged in) */
    public void setLoginStat(int loginStat) {
        this.loginStat = loginStat;
    }

    /** @return IP address of the login */
    public String getLoginIP() {
        return this.loginIP;
    }

    /** @param loginIP IP address of the login */
    public void setLoginIP(String loginIP) {
        this.loginIP = loginIP;
    }

    /** @return time of the login */
    public long getLoginDate() {
        return this.loginDate;
    }

    /** @param loginDate time of the login */
    public void setLoginDate(long loginDate) {
        this.loginDate = loginDate;
    }

    /** @return the per-user password salt */
    public String getSalt() {
        return this.salt;
    }

    /** @param salt the per-user password salt */
    public void setSalt(String salt) {
        this.salt = salt;
    }
}