风一更--软件开发--应用程序--Spring security

目的：基于Spring security framework 构建应用程序的安全

---

refer:

1.《Spring5 recipes》 chapter 7 Spring security. ( read completed)

2.《Spring boot 2 recipes 》 chapter 6 Spring security ( read complted, practice - not yet)

   2.1 p142  2023-04-09

---

1.项目构建 

pom依赖：

pom dependencies

database:

CREATE USER 'PRACTICE_SPRING_SECURITY'@'LOCALHOST' IDENTIFIED BY 'admin';

CREATE SCHEMA PRACTICE_SPRING_SECURITY;
GRANT ALL PRIVILEGES ON PRACTICE_SPRING_SECURITY .* TO 'PRACTICE_SPRING_SECURITY'@'LOCALHOST';
FLUSH PRIVILEGES;

SET GLOBAL time_zone = "+3:00";

---

实践1：<spring5 recipes> chapter 7   &  <spring boot 2 recipes> chapter 6

2023-04-10

1.注册 Spring security 所用的过滤器.  

 

---

使用注解来保护控制器方法;

---

使用数据库对用户进行身份验证

create user 'PRACTICE_SPRING_SECURITY_P1'@'LOCALHOST' IDENTIFIED BY 'admin';

create schema PRACTICE_SPRING_SECURITY_P1 character set 'utf8mb4';
grant all privileges on PRACTICE_SPRING_SECURITY_P1 .* TO 'PRACTICE_SPRING_SECURITY_P1'@'LOCALHOST';
flush privileges;

SET GLOBAL time_zone = "+3:00";

 use PRACTICE_SPRING_SECURITY_P1;

create table users(
 USERNAME varchar(50) NOT NULL PRIMARY KEY,
 PASSWORD VARCHAR(50) NOT NULL,
 ENABLED smallint NOT NULL
 )ENGINE = InnoDB;
 
create table AUTHORITIES(
  USERNAME VARCHAR(50) NOT NULL,
  AUTHORITY varchar(50) NOT NULL,
  constraint FK_AUTHORITIES_USERS_1 foreign key (USERNAME) REFERENCES users (USERNAME)
  )ENGINE = InnoDB;