Shulou(Shulou.com)06/03 Report--

This article mainly introduces the Springboot security framework integration of SpringSecurity example analysis, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let the editor take you to understand it.

1. Introduction to industrial security framework

Spring Security is based on Spring development. If Spring is used as the basis in the project, it is more convenient to do permissions with Spring Security, while Shiro needs to be integrated with Spring. Therefore, Spring Security, as a bucket in the spring family, is commonly used in the field of java.

two。 It is recommended to build Spring Security environment 2.1 to add related dependencies 4.0.0 org.example springsecurityReview 1.0-SNAPSHOT spring-boot-dependencies org.springframework.boot 2.5.4 org.springframework.boot spring-boot-starter-web org.springframework.boot to pom.xml Spring-boot-starter-security org.springframework.boot spring-boot-starter-thymeleaf 2.2 create the Handler class package com.example.controller Import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.GetMapping;@Controllerpublic class Handler {@ GetMapping ("/ index") public String index () {return "index";}} 2.3 create a simple html and configure the path to the related thymeleaf

2.4.After adding a startup class, our integration test completes package com.example;import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.SpringBootApplication;@SpringBootApplicationpublic class Application {public static void main (String [] args) {SpringApplication.run (Application.class,args);}} 2.5.The result shows that the user name defaults to user, and the password randomly generates this string of numbers.

3. The advanced version is customized with 3.1 username and password

Create Encoder under config package for password verification and transcoding operation

Convert the password to a string and verify it through the match method.

3.3.Grant account role permissions package com.example.config;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter @ Configurationpublic class SecurityConfig extends WebSecurityConfigurerAdapter {/ / relationship between roles and resources @ Override protected void configure (HttpSecurity http) throws Exception {http.authorizeRequests () .antMatchers ("/ admin"). HasRole ("ADMIN") .antMatrices ("/ index") .access ("hasRole ('ADMIN') or hasRole (' USER')") .anyRequest (). Authenticated () .and () .formLogin () .loginPage ("/ login") .permitAll () .and () .logout () .permitAll () .and () .csrf () .disable () @ Override protected void configure (AuthenticationManagerBuilder auth) throws Exception {auth.inMemoryAuthentication () .passwordEncoder (new MyPasswordEncoder ()) .withUser ("user") .password (new MyPasswordEncoder () .encode ("000000"). Roles ("USER") .and () .withUser ("admin") .password (new MyPasswordEncoder () .encode ("123")) .roles (" ADMIN "," USER ");}}

Finally, the admin account can access admin.html and index.html.

User can only access the operations of index.html

Thank you for reading this article carefully. I hope the article "sample Analysis of Springboot Security Framework Integration SpringSecurity" shared by the editor will be helpful to you. At the same time, I also hope you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.