Loading

Spring Security:访问

先导入依赖

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-test</artifactId>
    <scope>test</scope>
</dependency>

导入依赖之后便可以进行初步的使用了

编写Controller类

@Controller
public class helloController {
   @GetMapping("/hello")
   public String sayHello() throws Exception {
         return "hello";
   }


}

启动项目后在浏览器中输入http://localhost:8080/hello会进入http://localhost:8080/login界面

初始默认的用户名是user,密码在控制台可以看到

输入后就可以登陆进入。配置完这些后可以在Springboot框架中使用thymeleaf

使用thymeleaf

使用thymeleaf框架首先要导入依赖![image-20220220115205111](/Users/criskey/Library/Application Support/typora-user-images/image-20220220115205111.png)

在配置文件中配置thymeleaf

spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.mode=HTML
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.suffix=.html

定义home.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="https://www.thymeleaf.org" xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
<head>
    <title>Spring Security Example</title>
</head>
<body>
<h1>Welcome!</h1>

<p>Click <a th:href="@{/hello.html}">here</a> to see a greeting.</p>
</body>
</html>

定义hello.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="https://www.thymeleaf.org"
      xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
<head>
    <title>Hello World!</title>
</head>
<body>
<h1 th:inline="text">Hello [[${#httpServletRequest.remoteUser}]]!</h1>
<form th:action="@{/logout}" method="post">
    <input type="submit" value="Sign Out"/>
</form>
</body>
</html>

定义login.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Spring Security Example</title>
</head>
<body class="body">
<div class="main">
    <div class="welcome">Welcome</div>
    <hr/>
    <form th:action="@{/login}" method="post">
        <div>
            <input type="text" name="username" placeholder="username" class="input">
        </div>
        <div>
            <input type="password" name="password" placeholder="password" class="input">
        </div>
        <div th:style="'vertical-align:middle'">
            <button class="button">Sign In</button>
        </div>
    </form>
</div>
</body>
<style>
    .body {
        background-image: url("/123.jpg");
        background-repeat: no-repeat;
        background-position: fixed;
        background-size: cover
    }

    .welcome {
        font-size:36px;color: white;
    }

    .main {
        border:5px solid white;
        border-radius: 5px;
        width: 320px;
        height: 220px;
        margin: 120px auto;
        display: table;
        text-align: center;
        line-height: 40px;
        vertical-align: middle;
        display: table;
    }

    .button {
        margin-top: 10px;
        border: none;
        background-color: #4CAF50;
        color: white;
        padding: 12px 30px;
        text-align: center;
        text-decoration: none;
        display: inline-block;
        font-size: 14px;
        border-radius: 3px;
    }

    .input {
        margin-top: 10px;
        border: 2px solid #a1a1a1;
        background: white;
        width: 200px;
        height: 18px;
        padding: 12px 30px;
        border-radius: 5px;
        padding: 10px 28px;
        text-decoration: none;
        display: inline-block;
        font-size: 14px;
        border-radius: 3px;
    }
</style>
</html>

其中的123.jpg放在static文件夹下面

最后登陆界面的效果

在config包下配置模版匹配

  public void addViewControllers(ViewControllerRegistry registry){
        registry.addViewController("/home.html").setViewName("home");
        registry.addViewController("/").setViewName("home");
        registry.addViewController("/login.html").setViewName("login");
        registry.addViewController("/hello.html").setViewName("hello");
    }
    public void addResourceHandlers(ResourceHandlerRegistry registry){
        registry.addResourceHandler("/**").addResourceLocations("classpath:/static/");
    }

  • 访问/home.html和/路径时,使用模版home.html

  • 访问/login.html路径时,使用模版:login.html

  • 访问/hello.html路径时,使用模板:hello.html

在config包下配置WebSecurityConfig项

@Configuration
@EnableWebSecurity  //启动Web Security支持,并提供MVC集成
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {    
@Override
    protected void configure(HttpSecurity httpSecurity) throws Exception{
        httpSecurity.authorizeRequests()
                .antMatchers("/","/home.html").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login.html")//登陆页面的url
                .loginProcessingUrl("/login")//登陆表的api
                .permitAll()//除了login.html和login不需要认证访问
                .and()
                .logout()
                .permitAll();
        httpSecurity.userDetailsService(userDetailsService());
        httpSecurity.userDetailsService(userDetailsService);
    }

  • @EnableWebSecurity: 是Spring Security用于启动Web安全的注解。

  • .antMatchers("/","/home.html").permitAll( )//配置不需要认证的url

    .anyRequest( ).authenticated( ): 除了这两个url,其他的url都需要访问登陆

  • .loginPage("/login.html") 配置登陆界面的url,即使用自定义的登陆界面。若不使用此配置,则使用Spring Security提供的默认登陆页面。

  • .loginProcessingUrl("/login"):配置登陆表单所使用的api

posted @ 2022-02-22 14:44  我只有一天的回忆  阅读(58)  评论(0)    收藏  举报