當前位置：首頁 > 前端技术 > javascript >内容正文

javascript

Spring Security 应用详解集成SpringBoot —— 简单入门

發布時間：2025/4/16 javascript 24 豆豆

生活随笔收集整理的這篇文章主要介紹了 Spring Security 应用详解集成SpringBoot —— 简单入门小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

spring 容器配置

SpringBoot工程啟動會自動掃描啟動類所在包下的所有Bean，加載到spring容器。
1）Spring Boot配置文件
在resources下添加application.properties，內容如下：

application.properties

server.port=8080 server.servlet.context-path=/security-springboot spring.application.name = security-springbootspring.mvc.view.prefix=/WEB-INF/view/ spring.mvc.view.suffix=.jsp

2）Spring Boot 啟動類

SecuritySpringBootApp.java

package com.dym.security.springboot;import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;@SpringBootApplication @EnableAutoConfiguration(exclude={DataSourceAutoConfiguration.class}) public class SecuritySpringBootApp {public static void main(String[] args) {SpringApplication.run(SecuritySpringBootApp.class,args);} }

Servlet Context配置
由于Spring boot starter自動裝配機制，這里無需使用@EnableWebMvc與@ComponentScan，WebConfig如下

WebConfig.java

package com.dym.security.springboot.config;import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;@Configuration//就相當于springmvc.xml文件 public class WebConfig implements WebMvcConfigurer {@Overridepublic void addViewControllers(ViewControllerRegistry registry) {registry.addViewController("/").setViewName("redirect:/login");}}

安全配置
由于Spring boot starter自動裝配機制，這里無需使用@EnableWebSecurity，WebSecurityConfig內容如下

WebSecurityConfig.java

package com.dym.security.springboot.config;import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.provisioning.InMemoryUserDetailsManager;@Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter {//定義用戶信息服務（查詢用戶信息）@Beanpublic UserDetailsService userDetailsService(){InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();manager.createUser(User.withUsername("zhangsan").password("123").authorities("p1").build());manager.createUser(User.withUsername("lisi").password("456").authorities("p2").build());return manager;}//密碼編碼器@Beanpublic PasswordEncoder passwordEncoder(){return NoOpPasswordEncoder.getInstance();}//安全攔截機制（最重要）@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/r/r1").hasAuthority("p1").antMatchers("/r/r2").hasAuthority("p2").antMatchers("/r/**").authenticated()//所有/r/**的請求必須認證通過.anyRequest().permitAll()//除了/r/**，其它的請求可以訪問.and().formLogin()//允許表單登錄.successForwardUrl("/login-success");//自定義登錄成功的頁面地址} }

LoginController.java

package com.dym.security.springboot.controller;import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController;@RestController public class LoginController {@RequestMapping(value = "/login-success",produces = {"text/plain;charset=UTF-8"})public String loginSuccess(){return " 登錄成功";}/*** 測試資源1* @return*/@GetMapping(value = "/r/r1",produces = {"text/plain;charset=UTF-8"})public String r1(){return " 訪問資源1";}/*** 測試資源2* @return*/@GetMapping(value = "/r/r2",produces = {"text/plain;charset=UTF-8"})public String r2(){return " 訪問資源2";} }

總結

以上是生活随笔為你收集整理的Spring Security 应用详解集成SpringBoot —— 简单入门的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。

上一篇： Spring Security快速上手
下一篇： springsecurity的工作原理