-
修改和完成SpringSecurity的登录功能
1、配置SpringSecurity改变默认表单页面但是流程不变
添加loginPage、loginProcessingUrl方法
//做拦截 @Override protected void configure(HttpSecurity http) throws Exception { // 请求授权 http.formLogin() .loginPage("/require")//自定义登录页面 .loginProcessingUrl("/loginPage")//security默认处理流程 表单:action="/loginPage" method="post" .and().authorizeRequests() //授权放行 .antMatchers("/loginPage","/require","/registerVisitor","/judgeSMS","/sendSMS","/visitorRegister","/visitorLogin","/index","/mood","/findMood","/findAllBlog","/findAllAlbum","/findAllArchives","/link", "/css/**","/editor.md/**","/images/**","/js/**","/layer/**","/social/**","/statics/**","/upload/**").permitAll() //所有请求 .anyRequest() //都需要身份认证 .authenticated().and() //43、使用Layer打开select-mood子页面并配置SpringSecurity允许Iframe嵌入页面 .headers().frameOptions().disable().and() //跨站请求伪造的防护 .csrf().disable() //添加我们所写的spring social配置 .apply(zzzSocialSecurityConfig); }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
//在MainController中添加 @RequestMapping("/require") public String require() { return "/login.html"; }- 1
- 2
- 3
- 4
- 5
<form action="/loginPage" method="post" class="login100-form validate-form">- 1
测试:SecurityUserService中打印用户名
//用户名密码登录 @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { // TODO 在数据库中找 System.out.println(username); ... }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
测试成功
2、完成访客登录功能且拓展登录失败与登录成功的Handler
访客登录
package com.zzz.blog.service; import ... @Component public class SecurityUserService implements UserDetailsService{ //加密方法返回值 @Autowired private PasswordEncoder passwordEncoder; @Autowired private UserService userService; @Autowired private VisitorService visitorService; //用户名密码登录 @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { // TODO 在数据库中找 System.out.println(username); User user = userService.findUserByUsername(username); if(user != null) { //将用户信息给SpringSecurity管理 return new SocialUser(user.getUsername(), passwordEncoder.encode(user.getPassword()), AuthorityUtils.commaSeparatedStringToAuthorityList("ADMIN")); } Visitor visitor = visitorService.findVisitorByUsername(username); if(visitor != null) { return new SocialUser(visitor.getUsername(), passwordEncoder.encode(visitor.getPassword()), AuthorityUtils.commaSeparatedStringToAuthorityList("VISITOR")); } throw new UsernameNotFoundException("用户不存在!!"); } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
拓展登录失败与登录成功的Handler的事件处理,添加handler
package com.zzz.blog.config; import ... //安全配置类 @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter{ //SpringSecurity加密方法返回值 @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } @Autowired private SpringSocialConfigurer zzzSocialSecurityConfig; @Autowired private LoginSuccessHandler loginSuccessHandler; @Autowired private LoginFailureHandler loginFailureHandler; //做拦截 @Override protected void configure(HttpSecurity http) throws Exception { // 请求授权 http.formLogin() .loginPage("/require")//自己的登录页面 .loginProcessingUrl("/loginPage")//security默认处理流程 表单登录提交路径:action="/loginPage" method="post" .failureHandler(loginFailureHandler) //登录失败的Handler .successHandler(loginSuccessHandler) //登录成功的Handler .and().authorizeRequests() //授权放行 .antMatchers("/loginPage","/require","/registerVisitor","/judgeSMS","/sendSMS","/visitorRegister","/visitorLogin","/index","/mood","/findMood","/findAllBlog","/findAllAlbum","/findAllArchives","/link", "/css/**","/editor.md/**","/images/**","/js/**","/layer/**","/social/**","/statics/**","/upload/**").permitAll() //所有请求 .anyRequest() //都需要身份认证 .authenticated().and() //43、使用Layer打开select-mood子页面并配置SpringSecurity允许Iframe嵌入页面 .headers().frameOptions().disable().and() //跨站请求伪造的防护 .csrf().disable() //添加我们所写的spring social配置 .apply(zzzSocialSecurityConfig); } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
package com.zzz.blog.handler; import ... @Component public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler{ @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException { // TODO 登录成功后的处理 super.onAuthenticationSuccess(request, response, authentication); } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
package com.zzz.blog.handler; import ... @Component public class LoginFailureHandler extends SimpleUrlAuthenticationFailureHandler{ @Override public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException { // TODO 登录失败后的处理 super.onAuthenticationFailure(request, response, exception); } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
-
相关阅读:
Webpack入门:常用loader和plugin配置
计算机毕业设计ssm+vue基本微信小程序的蛋糕预订平台系统
小马识途营销顾问盘点新品牌推广方式有哪些?
Vue-加载流程&&DIFF算法
maven配置(本地仓库,镜像)
【JS】【掘金】获取关注了里不在关注者里的人
发展前景好、薪资高,计算机行业成为许多人改变命运的首选!
Mac当作云服务器,你真的会搞吗
MTK APP实现动态修改logo和开机动画
WPF 使用Image控件显示图片
- 原文地址:https://blog.csdn.net/heiye_007/article/details/133034748
