重要配置类:
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
配置指定用户可访问:
package cn.com.joycode.nimble.demo; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; @EnableWebSecurity @Configuration public class WebSecuritConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication() .passwordEncoder(new BCryptPasswordEncoder()) .withUser("joycode") .password("$2a$10$.xvLEE4tZckoiYiBta8n5OQ/TjIGL7APXzKQKYKESqVluLiUsgKHC") .roles("user"); } }
上面的配置代码指定了用户"joycode"可以访问,密码也为"joycode",使用自带的BCrypt加密算法加密过。
参考:
- Spring Security 实战干货:内置 Filter 全解析
- spring security实现动态配置url权限的两种方法
- 公司新来了一个同事,把权限系统设计的炉火纯青!
- Spring security权限管理
视频:
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END