使用 MongoDB 为 Spring Security 的用户认证提供数据存储。
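package mis.domain;

import org.springframework.data.annotation.Id;
import org.springframework.data.mongodb.core.index.Indexed;

/**
 * Administrator account persisted through Spring Data MongoDB and read back
 * during login to build the Spring Security principal.
 *
 * <p>Plain mutable bean with a no-argument constructor and accessors.
 */
public class Administrator {

    /** Document identifier, mapped with {@code @Id}. */
    @Id
    private String id;

    /**
     * Login name, declared with a unique index.
     *
     * <p>NOTE(review): whether the index is actually created from this annotation
     * depends on the Spring Data MongoDB configuration; confirm the unique index
     * exists in the database, since a duplicate username would make a
     * single-result lookup by username ambiguous.
     */
    @Indexed(unique = true)
    private String username;

    // NOTE(review): this value is handed to Spring Security as the stored credential.
    // It should be the encoder's output (a salted hash), never the plaintext password;
    // the code that creates accounts is not visible here, so confirm at the call site.
    private String password;

    /** Single authority string granted to this administrator. */
    private String authority;

    /** No-argument constructor; all fields start as {@code null}. */
    public Administrator() {
    }

    /**
     * Creates an administrator with the given login name and stored credential.
     *
     * @param username login name
     * @param password stored credential value (see the note on the field)
     */
    public Administrator(String username, String password) {
        this.username = username;
        this.password = password;
    }

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getAuthority() {
        return authority;
    }

    public void setAuthority(String authority) {
        this.authority = authority;
    }

    /**
     * Returns a diagnostic description of this account.
     *
     * <p>The stored credential is deliberately masked: {@code toString()} output
     * routinely ends up in logs, exception messages and debugger views, and the
     * password (even when hashed) must not be copied there.
     *
     * @return text containing id, username and authority, with the password masked
     */
    @Override
    public String toString() {
        return "User [id=" + id
                + ", username=" + username
                + ", password=[PROTECTED]"
                + ", authority=" + authority + "]";
    }
}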
package mis.repository;

import mis.domain.Administrator;
import org.springframework.data.mongodb.repository.MongoRepository;

/**
 * Spring Data MongoDB repository for {@link Administrator} documents,
 * keyed by their {@code String} id.
 */
public interface AdministratorRepository extends MongoRepository<Administrator, String> {

    /**
     * Derived query that looks up one administrator by login name.
     *
     * <p>The authentication code on this page treats a {@code null} result as
     * "no such account". NOTE(review): the lookup assumes usernames are unique;
     * confirm the unique index on {@code username} is present in the database.
     *
     * @param username login name to search for
     * @return the matching administrator, or {@code null} when none is stored
     */
    Administrator findByUsername(String username);
}
// NOTE(review): the import lines and the Spring Security version are not shown for this
// snippet. From Spring Security 6 on, @EnableWebSecurity no longer carries @Configuration,
// so the class must also be annotated with @Configuration for this bean to be registered.
@EnableWebSecurity
public class SecurityConfig {

    /**
     * Builds the filter chain: every request requires an authenticated caller,
     * and credentials are accepted through HTTP Basic.
     *
     * @param http the security builder supplied by Spring
     * @return the configured filter chain
     * @throws Exception if the builder rejects the configuration
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        // Authorization rule: any request must be authenticated.
        // The original joined the two steps with and(); and() simply returns this same
        // HttpSecurity builder, so configuring it in separate statements is equivalent.
        http.authorizeRequests().anyRequest().authenticated();

        // Turn on HTTP Basic authentication. Basic sends the username and password
        // (Base64-encoded, not encrypted) on every request, so serve this only over TLS.
        http.httpBasic();

        return http.build();
    }
}
Spring Boot 2.x 的写法（基于 WebSecurityConfigurerAdapter）：
package mis.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import mis.domain.Administrator;
import mis.repository.AdministratorRepository;

/**
 * Connects Spring Security's global authentication to the administrator
 * accounts stored through {@link AdministratorRepository}.
 */
@Configuration
class GlobalAuthenticationConfigurer extends GlobalAuthenticationConfigurerAdapter {

    @Autowired
    AdministratorRepository administratorRepository;

    /**
     * Registers the repository-backed {@link UserDetailsService} with the
     * authentication manager builder.
     */
    @Override
    public void init(AuthenticationManagerBuilder auth) throws Exception {
        // NOTE(review): no PasswordEncoder is configured in the visible code, so the
        // framework default decides how the stored value is compared with the submitted
        // password. Confirm the passwords saved in MongoDB are salted hashes in the
        // format that encoder expects, not plaintext.
        auth.userDetailsService(userDetailsService());
    }

    /** Exposes the account lookup as the application's {@link UserDetailsService} bean. */
    @Bean
    UserDetailsService userDetailsService() {
        return this::loadAdministrator;
    }

    /**
     * Loads one administrator by login name and converts it to a Spring Security user.
     *
     * @param username login name submitted by the client
     * @return principal carrying the stored username, credential and single authority
     * @throws UsernameNotFoundException when the repository returns no account
     */
    private UserDetails loadAdministrator(String username) throws UsernameNotFoundException {
        Administrator account = administratorRepository.findByUsername(username);
        if (account == null) {
            throw new UsernameNotFoundException("could not find the administrator '" + username + "'");
        }
        // NOTE(review): the authority string is passed through unchecked; presumably every
        // stored account has a non-empty authority — verify against the data.
        return new User(
                account.getUsername(),
                account.getPassword(),
                AuthorityUtils.createAuthorityList(account.getAuthority()));
    }
}

/**
 * HTTP security rules for the Spring Boot 2.x style of configuration.
 *
 * <p>NOTE(review): {@code WebSecurityConfigurerAdapter} is deprecated in later
 * Spring Security 5.x releases and removed in 6; a {@code SecurityFilterChain}
 * bean is the replacement when upgrading.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {

    /** No-argument constructor; nothing to initialise. */
    public WebSecurityConfigurer() {
    }

    /**
     * Leaves the ping and public endpoints open, requires authentication for
     * everything else, and enables remember-me and HTTP Basic with CSRF
     * protection switched off.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Earlier variants the author left commented out:
        //   http.authorizeRequests().anyRequest().fullyAuthenticated().and().httpBasic().and().csrf().disable();
        //   http.authorizeRequests().antMatchers("/", "/index.html", "/css/**",
        //       "/js/**","/static/**","/setup.html").permitAll().anyRequest().authenticated().and().formLogin().loginPage("/login.html").permitAll().and().logout().permitAll().and().httpBasic();
        //   http.authorizeRequests().antMatchers("/**").permitAll().and().httpBasic();

        // Only the listed paths are reachable without credentials; review this list
        // whenever a new endpoint is added under /v1/public/.
        http.authorizeRequests()
                .antMatchers("/ping", "/v1/*/ping", "/v1/public/**").permitAll()
                .anyRequest().authenticated();

        // Remember-me authenticates later requests from a cookie the browser sends
        // automatically.
        http.rememberMe();

        // HTTP Basic carries the credentials on every request; require TLS in deployment.
        http.httpBasic();

        // NOTE(review): CSRF protection is disabled while a cookie-based mechanism
        // (remember-me) is enabled. Disabling CSRF is usually justified only for clients
        // that never authenticate by cookie; confirm that state-changing endpoints are
        // not reachable with the remember-me cookie alone, or keep CSRF protection on.
        http.csrf().disable();
    }
}