一、前期配置
1. 添加依赖
数据库参考:一篇文章带你搞定 SpringSecurity 和 SpringDataJpa 的整合
2. 配置数据库中的实体类
对于实体类和整合 SpringDataJpa 一样选用 Role 和 User
Role:
import java.io.Serializable;
public class Role implements Serializable {
private Integer id;
private String name;
private String nameZh;
//get和set 方法省略
}
User:
public class User implements UserDetails {
private Integer id;
private String username;
private String password;
private Boolean enabled;
private Boolean locked;
private List<Role> roles;
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return !locked;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return enabled;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
for (Role role : roles) {
authorities.add(new SimpleGrantedAuthority("ROLE_"+role.getName()));
}
return authorities;
}
public void setEnabled(Boolean enabled) {
this.enabled = enabled;
}
public void setLocked(Boolean locked) {
this.locked = locked;
}
}
//其他get和set方法省略
}
3. 配置 application.properties 实现数据库连接
spring.datasource.url=mysql://localhost:3306/yolo?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
spring.datasource.username=root
spring.datasource.password=root
具体信息同样参考上面整合 SpringDataJpa 的文章即可。
二、配置 UserDao 和 UserDao.xml
1. UserDao.java
@Mapper
public interface UserDao {
User findUserByUsername(String username);
List<Role> getRolesByUserId(Long id);
void save(User user);
}
2. UserDao.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="org.yolo.securitymybatis.mapper.UserMapper">
<select id="loadUserByUsername" resultType="org.yolo.securitymybatis.bean.User">
select * from user where username=#{
username}
</select>
<select id="getUserRolesById" resultType="org.yolo.securitymybatis.bean.Role">
select * from role where id in (select rid from user_role where uid=#{
id})
</select>
</mapper>
三、配置 service
@Service
public class UserService implements UserDetailsService {
@Autowired
UserDao userDao;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userDao.findUserByUsername(username);
if (user == null) {
throw new UsernameNotFoundException("用户不存在");
}
user.setRoles(userDao.getRolesByUserId(user.getId()));
return user;
}
}
四、配置 SecurityConfig
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserService userService;
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/admin").hasRole("admin")
.anyRequest().authenticated()
.and()
.formLogin()
.permitAll()
.and()
.csrf().disable();
}
}
五、其他配置
(1)将资源配置路径添加到 pom 文件中:
<resources>
<resource>
<directory>src/main/java</directory>
<includes>
<include>**/*.xml</include>
</includes>
</resource>
<resource>
<directory>src/main/resources</directory>
</resource>
</resources>
原先的问题是因为数据库存储的信息比较混乱,重新建了个数据库好使了
六、总结
可以和这篇对比下:springsecurity 整合 mybatis
两篇的区别就是 这里的mysql 是 8 以上版本,同时也没有选择 druid 连接数据库
对于 mybatis 的配置什么的是一致的,而且也不用必须加 ROLE
转载:https://blog.csdn.net/nanhuaibeian/article/details/108783235
查看评论