In a web application you may need to restrict what users can access according to their role, or to restrict access at the level of individual methods. Spring Security is a ready-made framework that provides exactly this authentication and authorization functionality. To get a first impression of Spring Security, this post integrates Spring Security into a Spring Boot application. The steps:

1. Create a Maven project and add the Maven dependencies. To keep things simple, only two dependencies are added here:

<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
        <version>2.3.5.RELEASE</version>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
        <version>2.1.5.RELEASE</version>
    </dependency>
</dependencies>

2. Implement UserDetailsService. UserDetailsService is just an interface containing a single method and no implementation of its own; the concrete behaviour has to be provided by an implementing class (reference: /details/89978773; the figure below is also taken from that user's post).

[Figure: class diagram from the referenced post, not reproduced here]

Here is the implementation class for UserDetailsService:

import java.util.ArrayList;
import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Service
public class UserDetailServiceImpl implements UserDetailsService {
    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
        // In a real application the user would be looked up in the database;
        // here the two demo users are hard-coded
        if ("employee".equals(username)) {
            Employee employee = new Employee();
            employee.setUsername("employee");
            employee.setPassword("123456");
            // hasRole("EMPLOYEE") in the config expects the "ROLE_EMPLOYEE" authority
            GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_EMPLOYEE");
            grantedAuthorities.add(grantedAuthority);
            // Spring compares the submitted password against this BCrypt hash
            return new User(employee.getUsername(),
                    passwordEncoder.encode(employee.getPassword()),
                    grantedAuthorities);
        }
        if ("admin".equals(username)) {
            Admin admin = new Admin();
            admin.setUsername("admin");
            admin.setPassword("123456");
            GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_ADMIN");
            grantedAuthorities.add(grantedAuthority);
            return new User(admin.getUsername(),
                    passwordEncoder.encode(admin.getPassword()),
                    grantedAuthorities);
        }
        // The interface contract requires an exception, not null, for unknown users;
        // returning null makes Spring raise an InternalAuthenticationServiceException
        throw new UsernameNotFoundException("user not found: " + username);
    }
}
The code above references two classes, Admin and Employee, defined as follows:
public class Admin {
    private String username,password;

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}
The Employee class is identical; its definition is omitted.

3. Define a configuration class; it needs to extend WebSecurityConfigurerAdapter:

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    // Inject the custom UserDetailsServiceImpl defined above
    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Authenticate against our UserDetailsService; stored passwords are BCrypt hashes
        auth.userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder());
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        super.configure(web);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Matchers are evaluated in order and the first match wins, so the specific
        // permitAll rule for /employee/login must come before the broader /employee/* rule
        http.csrf().disable() // CSRF protection disabled (acceptable only for a non-browser API such as this demo)
                .authorizeRequests() // restrict the requests matched below
                .antMatchers("/employee/login").permitAll() // /employee/login is open to everyone
                .antMatchers("/decision/**", "/govern/**", "/employee/*").hasAnyRole("EMPLOYEE", "ADMIN") // endpoints under decision, govern and employee require the EMPLOYEE or ADMIN role
                .antMatchers("/admin/**").hasRole("ADMIN") // endpoints under admin require the ADMIN role
                .antMatchers("/oauth/**").permitAll() // do not intercept the open oauth resources
                .anyRequest().permitAll() // every other request is allowed
                .and().anonymous() // requests without a configured rule may be anonymous
                .and().formLogin() // use Spring Security's default login page
                .and().httpBasic(); // enable HTTP basic authentication
    }
}
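To see why the order of the antMatchers rules matters, here is an added Python model (not part of the original post, and not Spring's own AntPathMatcher) of the first-match-wins evaluation that authorizeRequests() performs on the rules above. Rule, authorize and ant_to_regex are names chosen for this example; the two orderings differ only in whether the /employee/login permitAll rule comes before or after the broader /employee/* wildcard.

```python
import re
from dataclasses import dataclass

# Simplified model of Spring Security's ant-style matching (not Spring's
# AntPathMatcher): '*' stays inside one path segment, '**' spans segments,
# '?' matches one character. All names here are chosen for this example.
def ant_to_regex(pattern):
    out, i = "^", 0
    while i < len(pattern):
        if pattern.startswith("/**", i):
            out += "(?:/.*)?"   # '/foo/**' also matches the bare '/foo'
            i += 3
        elif pattern.startswith("**", i):
            out += ".*"
            i += 2
        elif pattern[i] == "*":
            out += "[^/]*"      # single segment only
            i += 1
        elif pattern[i] == "?":
            out += "[^/]"
            i += 1
        else:
            out += re.escape(pattern[i])
            i += 1
    return re.compile(out + "$")

@dataclass(frozen=True)
class Rule:
    patterns: tuple      # ant patterns, as passed to antMatchers(...)
    roles: frozenset     # hasAnyRole(...) roles; empty set means permitAll

def authorize(rules, path, principal_roles):
    """The first matching rule decides, as in authorizeRequests();
    anything unmatched falls through to anyRequest().permitAll()."""
    for rule in rules:
        if any(ant_to_regex(p).match(path) for p in rule.patterns):
            return not rule.roles or bool(rule.roles & set(principal_roles))
    return True

# The permitAll rule sits after the '/employee/*' wildcard, so it never fires.
SHADOWED_ORDER = (
    Rule(("/decision/**", "/govern/**", "/employee/*"), frozenset({"EMPLOYEE", "ADMIN"})),
    Rule(("/employee/login",), frozenset()),
    Rule(("/admin/**",), frozenset({"ADMIN"})),
    Rule(("/oauth/**",), frozenset()),
)
# Corrected: the specific permitAll rule comes before the wildcard.
FIXED_ORDER = (SHADOWED_ORDER[1], SHADOWED_ORDER[0], SHADOWED_ORDER[2], SHADOWED_ORDER[3])
```

An anonymous request to /employee/login is denied under SHADOWED_ORDER and allowed under FIXED_ORDER; the role checks for /admin/** behave the same way in both.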

4. Define a Controller class. The Admin controller is defined as follows:

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/admin")
public class AdminController {

    // Protected by the "/admin/**" rule: requires the ADMIN role
    @GetMapping("/greeting")
    public String greeting() {
        return "Hello,World!";
    }

    @GetMapping("/login")
    public String login() {
        return "login success";
    }
}

OK, everything is now defined. Only the back-end endpoints are defined here, so Postman can be used to test them. The Postman sessions are shown below:

[Figures: two Postman screenshots of requests made as the admin user, not reproduced here]

The requests above were made as the admin user, accessing the admin resource and the employee resource respectively; both succeed. The requests made as the employee user are shown below:

[Figures: two Postman screenshots of requests made as the employee user, not reproduced here]

As the screenshots show, the employee user can access the employee resource but not the admin resource, which achieves the intended access control. There is still much more of Spring Security to explore. Most of the content above is based on https://www.jianshu.com/p/6a7dcef02bd5; the people sharing this online have really been a great help...