Spring Security 入门(五):在 Spring-Boot中的应用_spring

前言

本文作为入门级的DEMO,完全按照官网实例演示;

项目目录结构

Spring Security 入门(五):在 Spring-Boot中的应用_spring_02

Maven 依赖

  1.  

     
<parent>

   
<groupId>
org.springframework.boot
</groupId>

   
<artifactId>
spring-boot-starter-parent
</artifactId>

   
<version>
1.4.1.RELEASE
</version>

 
</parent>

 
<dependencies>

   
<dependency>

     
<groupId>
org.springframework.boot
</groupId>

     
<artifactId>
spring-boot-starter-web
</artifactId>

   
</dependency>

   
<dependency>

     
<groupId>
org.springframework.boot
</groupId>

     
<artifactId>
spring-boot-starter-security
</artifactId>

   
</dependency>

   
<dependency>

     
<groupId>
org.springframework.boot
</groupId>

     
<artifactId>
spring-boot-starter-thymeleaf
</artifactId>

   
</dependency>

 
</dependencies>

前端页面 home.html

  1. <!DOCTYPE html>

<html
xmlns
=
"http://www.w3.org/1999/xhtml"
xmlns:th
=
"http://www.thymeleaf.org"
>

<head>

   
<title>
Spring Security Example
</title>

</head>

<body>

 
<h1>
Welcome!
</h1>

 
<p>
Click
<a
th:href
=
"@{/hello}"
>
here
</a>
to see a greeting.
</p>

</body>

</html>

前端页面 login.html

  1. <!DOCTYPE html>

<html
xmlns
=
"http://www.w3.org/1999/xhtml"
xmlns:th
=
"http://www.thymeleaf.org"
>

<head>

   
<title>
Spring Security Example
</title>

</head>

<body>

<div
th:if
=
"${param.error}"
>
   Invalid username and password.
</div>

<div
th:if
=
"${param.logout}"
>
   You have been logged out.
</div>

<form
th:action
=
"@{/login}"
method
=
"post"
>
   

   
<div><label>
UserName:
<input
type
=
"text"
name
=
"username"
/>
</label></div>

   
<div><label>
Password:
<input
type
=
"password"
name
=
"password"
/>
</label></div>

   
<div><input
type
=
"submit"
value
=
"Sign In"
/></div>

</form>

</body>

</html>

Spring Security 入门(五):在 Spring-Boot中的应用_spring_03

前端页面 hello.html

  1. <!DOCTYPE html>

<html
xmlns
=
"http://www.w3.org/1999/xhtml"
xmlns:th
=
"http://www.thymeleaf.org"
>

<head>

   
<title>
Hello World!
</title>

</head>

<body>

<h1
th:inline
=
"text"
>
Hello [[${#httpServletRequest.remoteUser}]]!
</h1>

<form
th:action
=
"@{/logout}"
method
=
"post"
>

   
<input
type
=
"submit"
value
=
"Sign Out"
/>

</form>

</body>

</html>

Spring Security 入门(五):在 Spring-Boot中的应用_spring_04

启动程序 Application.java

  1. @SpringBootApplication

public
class
Application
{

 
public
static
void
main(
String
[] args) {

   
SpringApplication
.run(
Application
.
class
, args);

 }

}

HomeController.java

@Controller

public
class
HomeController
{

 
@RequestMapping
(
"/"
)

 
public
String
home(){

   
return
"home"
;  

 }

 
@RequestMapping
(
"/login"
)

 
public
String
login(){

   
return
"login"
;

 }

 
@RequestMapping
(
"/hello"
)

 
public
String
hello(){

   
return
"hello"
;

 }

}

Web安全配置 WebSecurityConfig.java

  1. @Configuration

@EnableWebSecurity

public
class
WebSecurityConfig
extends
WebSecurityConfigurerAdapter
{

 
@Override

 
protected
void
configure(
HttpSecurity
http)
throws
Exception
{

   http

     .authorizeRequests()

       .antMatchers(
"/"
).permitAll()                      
//请求路径"/"允许访问

       .anyRequest().authenticated()                      
//其它请求都需要校验才能访问

     .
and
()

       .formLogin()

         .loginPage(
"/login"
)                            
//定义登录的页面"/login",允许访问

         .permitAll()

     .
and
()

       .logout()                                          
//默认的"/logout", 允许访问

         .permitAll();

 }

 
@Autowired

 
public
void
configureGlobal(
AuthenticationManagerBuilder
auth)
throws
Exception
{

   
//在内存中注入一个用户名为anyCode密码为password并且身份为USER的对象

   auth

     .inMemoryAuthentication()

       .withUser(
"anyCode"
).password(
"password"
).roles(
"USER"
);

 }

}

 

 

 

Spring Security 入门(五):在 Spring-Boot中的应用_spring_05