1.UserDetails:接口,表示用户信息
接口中定义的方法如下:
//权限的集合 Collection getAuthorities(); String getPassword(); String getUsername(); //账号是否过期 boolean isAccountNonExpired(); //账号是否锁定 boolean isAccountNonLocked(); //证书是否过期 boolean isCredentialsNonExpired(); //账号是否启用 boolean isEnabled();
2.User:UserDetails默认的实现类
也可以自定义类去实现UserDetails接口,作为你的系统中的用户类,交给springsecurity使用
1.UserDetailsService:获取用户信息接口,得到UserDetails对象。一般项目中都需要自定义类来实现这个接口,从数据库中获取数据。
接口中定义的方法:
UserDetails loadUserByUsername(String username),根据用户的名称来获取用户信息
UserDetailsService接口的实现类:
1.InMemoryUserDetailsManager 实现类在内存中管理用户
配置类代码如下:
使用InMemoryUserDetailsManager创建用户信息
@Configuration
public class ApplicationConfig {
@Bean
public PasswordEncoder passwordEncoder(){
PasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder;
}
@Bean
//UserDetailsService:获取用户信息接口,得到UserDetails对象
//InMemoryUserDetailsManager:UserDetailsService的一个实现类
public UserDetailsService userDetailsService(){
PasswordEncoder encoder = passwordEncoder();
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("admin")
.password(encoder.encode("123456")).roles("ADMIN","USER").build());
manager.createUser(User.withUsername("zhangsan")
.password(encoder.encode("123456")).roles("USER").build());
return manager;
}
}
自定义安全配置
//配置类继承WebSecurityConfigurerAdapter,实现自定义安全配置
//重写configure提供web认证需要用到的信息类
public class MySecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService = null;
@Override
protected void configure(HttpSecurity http) throws Exception {
//userDetailsService对象提供用户的信息
http.userDetailsService(userDetailsService);
}
}
2.JdbcUserDetailsManager 实现类
JdbcUserDetailsManager:用户信息存放在数据库中,底层使用jdbcTemplate操作数据库。可以使用JdbcUserDetailsManager中的方法完成用户的管理:createUser创建用户、updateUser更新用户、deleteUser删除用户等方法。
spring-security-core-5.6.2.jarorgspringframeworksecuritycoreuserdetailsjdbcusers.ddl 中有表结构的创建语句,内容如下:
create table users(username varchar_ignorecase(50) not null primary key,password varchar_ignorecase(500) not null,enabled boolean not null); create table authorities (username varchar_ignorecase(50) not null,authority varchar_ignorecase(50) not null,constraint fk_authorities_users foreign key(username) references users(username)); create unique index ix_auth_username on authorities (username,authority);
ApplicationConfig.java
@Configuration
public class ApplicationConfig {
//通过Spring容器注入DataSource
@Autowired
private DataSource dataSource;
//创建PasswordEncoder对象
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
//创建JdbcUserDetailsService对象
@Bean
public UserDetailsService jdbcUserDetailsService() {
PasswordEncoder encoder = passwordEncoder();
//初始数据源DataSource JdbcTemplate对象
JdbcUserDetailsManager manager = new JdbcUserDetailsManager(dataSource);
if (!manager.userExists("admin")){
manager.createUser(User.withUsername("admin")
.password(encoder.encode("123456")).roles("ADMIN", "USER").build());
}
if (!manager.userExists("user")){
manager.createUser(User.withUsername("user")
.password(encoder.encode("123456")).roles("USER").build());
}
return manager;
}
}
MySecurityConfig.java
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
//重写方法时只是改变了数据的来源
super.configure(http);
http.userDetailsService(userDetailsService);
}
}
application.properties
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.url=jdbc:mysql://localhost:3306/springsecurity?useUnicode=true&characterEnconding=UTF-8 spring.datasource.username=root spring.datasource.password=123456
