Shulou(Shulou.com)06/03 Report--

This article mainly introduces "the basic configuration method of SpringSecurity". In the daily operation, I believe that many people have doubts about the basic configuration method of SpringSecurity. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts of "basic configuration method of SpringSecurity"! Next, please follow the editor to study!

Spring Security is a powerful and highly customizable authentication and access control framework. It is the de facto standard for protecting Spring-based applications. Spring Security is a framework that focuses on providing authentication and authorization for Java applications. Like all Spring projects, the real power of Spring Security is that it can be easily extended to meet custom requirements

First, create a maven multi-module project, as follows:

Spring-security: parent module spring-security-browser: handles browser-related authorization authentication, and ultimately relies on spring-security-core as a jar of demo: some public methods and classes of authorization authentication, and put the public dependency here spring-security-demo: authorization authentication demo service

Spring-security-core

Pom dependencies:

Org.apache.commons commons-lang3 3.7 org.apache.commons commons-collections4 4.1 commons-beanutils commons-beanutils commons-io commons-io 2.6 org.projectlombok lombok org.springframework.boot spring-boot-starter-security org.springframework.boot spring-boot-starter-thymeleaf

Spring-security-browser

Pom dependencies:

Org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-data-jpa com.xwj spring-security-core 0.0.1-SNAPSHOT

Security configuration:

@ Configuration@EnableWebSecuritypublic class SecurityConfig extends WebSecurityConfigurerAdapter {@ Override protected void configure (HttpSecurity http) throws Exception {http.formLogin () / form login. Jump to the security default login form page / / http.httpBasic () / / basic login .and () .authorizeRequests () / a pair of requests for authorization .antMatrices ("/ noAuth"). PermitAll () / allow everyone to access / noAuth .anyRequest () / any request .authenticated () / requires authentication;}}

Spring-security-demo

Pom dependencies:

Org.springframework.boot spring-boot-starter-web com.xwj spring-security-browser 0.0.1-SNAPSHOT

In Controller:

@ RestController@RequestMappingpublic class IndexController {/ * requests that do not require authentication * / @ GetMapping ("/ noAuth") public String noAuth () {return "noAuth";} / * requests requiring authentication * / @ GetMapping ("/ user") public String user () {return "user";}}

Start the service. In the log, you can see the following information:

Using default security password: 90d9e73a-490c-484b-b7c5-5cd75c634e2f

This is the default password for security, which will be used when logging in later.

The service port is 18081, and the browser accesses http://localhost:18081/noAuth. The request does not require authentication, so it goes directly to our service, as follows:

Then visit http://localhost:18081/user. The request requires authentication and jumps to the default login page of security (you can also customize the login page), as follows:

Enter the user name casually, and the password is the password printed in the log: 90d9e73a-490c-484b-b7c5-5cd75c634e2f

Click the login button, log in successfully and return a user. When you revisit this request, because it has been authenticated, you can now access it directly.

So far, the simplest security configuration is complete.

At this point, the study on the "basic configuration method of SpringSecurity" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.