【springboot】配置登陆校验

• 添加配置

#properties
auth.enable=true
auth.user-name=admin
auth.password=admin

# yml
auth:
  enable: true
  user-name: admin
  auth.password: admin

• 添加配置类

@Component
@ConfigurationProperties(prefix = "auth", ignoreUnknownFields = true)
public class AuthProperties {
    private Boolean enable = true;
    private String userName;
    private String password;

    public Boolean getEnable() {
        return enable;
    }

    public void setEnable(Boolean enable) {
        this.enable = enable;
    }

    public String getUserName() {
        return userName;
    }

    public void setUserName(String userName) {
        this.userName = userName;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}

• 添加校验配置

package com.xiaoai.config.tomcatAuth;

import org.apache.catalina.CredentialHandler;
import org.apache.catalina.authenticator.Authenticatorbase;
import org.apache.catalina.authenticator.BasicAuthenticator;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.MessageDigestCredentialHandler;
import org.apache.catalina.realm.Realmbase;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.core.Ordered;
import org.springframework.stereotype.Component;

import java.security.Principal;
import java.util.Collections;

@Component
@ConditionalOnProperty(prefix = "auth", name = "enable", matchIfMissing = true)
public class AuthTomcatConfig implements WebServerFactoryCustomizer, Ordered {

    @Autowired
    private AuthProperties authProperties;

    @Override
    public void customize(ConfigurableServletWebServerFactory factory) {
        TomcatServletWebServerFactory tomcatServletWebServerFactory = (TomcatServletWebServerFactory) factory;
        tomcatServletWebServerFactory.addContextCustomizers(context -> {

            Realmbase realm = new Realmbase() {
                @Override
                protected String getPassword(String username) {
                    if (authProperties.getUserName().equals(username)) {
                        return authProperties.getPassword();
                    }
                    return null;
                }
                @Override
                protected Principal getPrincipal(String username) {
                    return new GenericPrincipal(username, authProperties.getPassword(), Collections.singletonList("**"));
                }
            };

            CredentialHandler credentialHandler = new MessageDigestCredentialHandler();
            realm.setCredentialHandler(credentialHandler);
            context.setRealm(realm);
            Authenticatorbase digestAuthenticator = new BasicAuthenticator();
            // 设置安全校验
            SecurityConstraint securityConstraint = new SecurityConstraint();
            securityConstraint.setAuthConstraint(true); // 是否开启
            securityConstraint.addAuthRole("**");
            // 校验条件收集
            SecurityCollection collection = new SecurityCollection();
            collection.addPattern("/auth/*");  // 校验路径
            securityConstraint.addCollection(collection);

            context.addConstraint(securityConstraint);
            context.getPipeline().addValve(digestAuthenticator);
        });
    }

    @Override
    public int getOrder() {
        return Ordered.LOWEST_PRECEDENCE;
    }
}