重要配置类:
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
配置指定用户可访问:
package cn.com.joycode.nimble.demo;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@EnableWebSecurity
@Configuration
public class WebSecuritConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.passwordEncoder(new BCryptPasswordEncoder())
.withUser("joycode")
.password("$2a$10$.xvLEE4tZckoiYiBta8n5OQ/TjIGL7APXzKQKYKESqVluLiUsgKHC")
.roles("user");
}
}
上面的配置代码指定了用户"joycode"可以访问,密码也为"joycode",使用自带的BCrypt加密算法加密过。
参考:
- Spring Security 实战干货:内置 Filter 全解析
- spring security实现动态配置url权限的两种方法
- 公司新来了一个同事,把权限系统设计的炉火纯青!
- Spring security权限管理
视频:
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
