SpringBoot与SpringSecurity整合方法附源码

   org.springframework.bootspring-boot-starter-web<!-- Thymeleaf --> org.thymeleafthymeleaf-spring5 org.thymeleaf.extrasthymeleaf-extras-java8time<!-- SpringSecurity --> org.springframework.bootspring-boot-starter-security<!-- Thymeleaf 与 SpringSecurity 整合包 --> org.thymeleaf.extrasthymeleaf-extras-springsecurity53.0.4.RELEASE org.springframework.bootspring-boot-starter-testtest  org.junit.vintagejunit-vintage-engine

 package com.blu.controller; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; @Controller public class RouterController { @RequestMapping({ "/", "/index" }) public String index() { return "index"; } @RequestMapping("/tologin") public String toLogin() { return "views/login"; } @RequestMapping("/level1/{id}") public String level1(@PathVariable("id") int id) { return "views/level1/" + id; } @RequestMapping("/level2/{id}") public String level2(@PathVariable("id") int id) { return "views/level2/" + id; } @RequestMapping("/level3/{id}") public String level3(@PathVariable("id") int id) { return "views/level3/" + id; } }

 package com.blu.config; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter{ /** * 授权 */ @Override protected void configure(HttpSecurity http) throws Exception { //所有人可以访问首页，功能页需要指定权限才可以访问 http.authorizeRequests() .antMatchers("/").permitAll() .antMatchers("/level1/**").hasRole("vip1") .antMatchers("/level2/**").hasRole("vip2") .antMatchers("/level3/**").hasRole("vip3"); //没有权限将默认跳转至登录页，需要开启登录的页面 //loginPage设置跳转至登录页的请求（默认为/login） //usernameParameter和passwordParameter配置登录的用户名和密码参数名称，默认就是username和password //loginProcessingUrl配置登录请求的url，需要和表单提交的url一致 http.formLogin().loginPage("/tologin") .usernameParameter("username") .passwordParameter("password") .loginProcessingUrl("/login"); //禁用CSRF保护 http.csrf().disable(); //开启注销功能和注销成功后的跳转页面（默认为登录页面） http.logout().logoutSuccessUrl("/"); //开启记住我功能，Cookie默认保存两周 http.rememberMe().rememberMeParameter("remember"); } /** * 认证 */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()) .withUser("BLU").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2","vip3") .and() .withUser("root").password(new BCryptPasswordEncoder().encode("111111")).roles("vip1","vip2","vip3") .and() .withUser("guest").password(new BCryptPasswordEncoder().encode("111222")).roles("vip1"); } }

   <title>首页</title><!--semantic-ui--> <!--主容器--><div class="ui container"> <div class="ui segment" id="index-header-nav"> <div class="ui secondary menu"> 首页<!--登录注销--><div class="right menu"> <!--如果未登录--><div>  <i class="address card icon"></i> 登录 </div><!--如果已登录--><div>  <i class="address card icon"></i> 用户名：<span></span> 角色：<span></span></div><div>  <i class="address card icon"></i> 注销 </div></div></div></div><div class="ui segment" style="text-align: center"> <h3>Spring Security Study by BLU</h3></div><div> <br><div class="ui three column stackable grid"> <div class="column"> <div class="ui raised segment"> <div class="ui"> <div class="content"> <h5 class="content">Level 1</h5><hr><div><i class="bullhorn icon"></i> Level-1-1</div><div><i class="bullhorn icon"></i> Level-1-2</div><div><i class="bullhorn icon"></i> Level-1-3</div></div></div></div></div><div class="column"> <div class="ui raised segment"> <div class="ui"> <div class="content"> <h5 class="content">Level 2</h5><hr><div><i class="bullhorn icon"></i> Level-2-1</div><div><i class="bullhorn icon"></i> Level-2-2</div><div><i class="bullhorn icon"></i> Level-2-3</div></div></div></div></div><div class="column"> <div class="ui raised segment"> <div class="ui"> <div class="content"> <h5 class="content">Level 3</h5><hr><div><i class="bullhorn icon"></i> Level-3-1</div><div><i class="bullhorn icon"></i> Level-3-2</div><div><i class="bullhorn icon"></i> Level-3-3</div></div></div></div></div></div></div></div>

   <title>登录</title><!--semantic-ui--> <!--主容器--><div class="ui container"> <div class="ui segment"> <div style="text-align: center"> <strong style="color:transparent">来源gaodai#ma#com搞@代~码网</strong><h1 class="header">登录</h1></div><div class="ui placeholder segment"> <div class="ui column very relaxed stackable grid"> <div class="column"> <div class="ui form">  <div class="field"> <label>Username</label><div class="ui left icon input"> <i class="user icon"></i></div></div><div class="field"> <label>Password</label><div class="ui left icon input"> <i class="lock icon"></i></div></div><div class="field">  记住我 </div></div></div></div></div><div style="text-align: center"> <div class="ui label"> </i>注册 </div><br><br><small>[email protected]</small></div><div class="ui segment" style="text-align: center"> <h3>Spring Security Study by BLU</h3></div></div></div>

   <title>首页</title><!--semantic-ui--> <!--主容器--><div class="ui container"> <div></div><div class="ui segment" style="text-align: center"> <h3>Level-1-1</h3></div></div>