Spring Security :(一) SpringSecurity的Basic模式和formLogin模式

Security有两种登陆模式:

1、Basic登陆模式

2、formLogin()登陆模式

创建一个Springboot项目

添加Pom.xml

    4.0.0
    
        org.springframework.boot
        spring-boot-starter-parent
        2.3.1.RELEASE
         
    
    com.example
    springabc
    0.0.1-SNAPSHOT
    springabc
    Demo project for Spring Boot

    
        1.8
    

    
        
            org.springframework.boot
            spring-boot-starter
        
        
            org.springframework.boot
            spring-boot-starter-security
        
        
            org.springframework.boot
            spring-boot-starter-web
        
       
            org.springframework.boot
            spring-boot-starter-thymeleaf
        
        
            org.springframework.boot
            spring-boot-starter-test
            test
            
                
                    org.junit.vintage
                    junit-vintage-engine
                
            
        
    

    
        
            
                org.springframework.boot
                spring-boot-maven-plugin
            
        
    

设置端口号

server.port=8080

启动EnableWebSecurity

package com.example.springabc;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

@SpringBootApplication
@EnableWebSecurity
public class SpringabcApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringabcApplication.class, args);
    }

}

创建SecurityCofig

package com.example.springabc.securityConfig;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * @ClassName SecurityCofig
 * @Description TODO
 * @Author zhurongfei
 * @Data 2020/7/14 17:23
 * Version 1.0
 **/
@Component
public class SecurityCofig extends WebSecurityConfigurerAdapter {
    /**
     * 添加账户
     * @param auth
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //添加用户信息和权限
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                .withUser("zrf").password(new BCryptPasswordEncoder().encode("zrf")).authorities("find");//添加用户名和密码 authorities权限名称
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                .withUser("admin").password(new BCryptPasswordEncoder().encode("admin")).authorities("insert");//添加用户名和密码 
    }

    /**
     * 拦截登陆请求
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
       http.authorizeRequests().
               antMatchers("/**d").fullyAuthenticated().and().httpBasic();
 // http.authorizeRequests().
   //            antMatchers("/**d").fullyAuthenticated().and().formLogin();
    }
}

 

然后创建Controller

package com.example.springabc.controller;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @ClassName findUser
 * @Description TODO
 * @Author zhurongfei
 * @Data 2020/7/14 17:20
 * Version 1.0
 **/
@RestController
public class findUser {

    @RequestMapping("find")
    public String find(){
        return "查询成功!有查询权限";
    }
    @RequestMapping("insert")
    public String insert(){
        return "插入成功!有权限插入";
    }
}

这就是basic模式