fengyilin
- 浏览: 193835 次
- 性别:
- 来自: 南京
-
文章分类
最新评论
前言
本篇文章我们举例说明在spring-security中利用mysql来存储用户信息和权限信息,示例采用security默认提供的DDL。
环境:
spring-boot版本:1.5.4.RELEASE
1.项目工程结构
2.配置类SecurityConfig.java
数据源的配置用了druid。
3.数据库表结构,因为采用的是spring-security默认的ddl,所以要创建默认的user和authorities,spring 为我们提供了默认表对应的建表语句,在spring-security-core-*.jar包的org.springframework.security.core.userdetails.jdbc目录下
实际创建时,varchar_ignorecase类型时没有的,改成varchar即可
4.接着插入我们测试用的数据
5.启动类SecurityJdbcApp.java
6.项目的pom.xml
7.index.html代码
8.启动项目
选中启动类,选择Run As -> Java Application
启动后在浏览器中输入 http://localhot:8080/index.html,如果一切正常,我们会被重定向到login页面,输入我们插入库中的测试用户名和密码
点击login后就会重定向到index.html页面
到此,我们jdbc的简单示例就完成了。后续我们还会进一步探讨采用jdbc来做认证存储,包括自定义数据表结构,用户权限继承等等功能。
下载源码
本篇文章我们举例说明在spring-security中利用mysql来存储用户信息和权限信息,示例采用security默认提供的DDL。
环境:
spring-boot版本:1.5.4.RELEASE
1.项目工程结构
2.配置类SecurityConfig.java
/**
*
*/
package nariis.chengf.security.samples.javaconfig.jdbc;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import com.alibaba.druid.pool.DruidDataSource;
/**
* @author: 作者: chengaofeng
* @date: 创建时间:2018-01-09 08:31:44
* @Description: TODO
* @version V1.0
*/
@EnableWebSecurity
public class SecurityConfig {
@Bean
public DruidDataSource dataSource() {
DruidDataSource dataSource = new DruidDataSource();
dataSource.setDriverClassName("com.mysql.jdbc.Driver");
dataSource.setUsername("root");
dataSource.setPassword("sso");
dataSource.setName("chengf");
dataSource.setUrl("jdbc:mysql://localhost:3306/chengf?useUnicode=true&characterEncoding=UTF-8");
dataSource.setMaxActive(20);
dataSource.setInitialSize(1);
dataSource.setMaxWait(60000);
dataSource.setMinIdle(1);
dataSource.setTimeBetweenEvictionRunsMillis(60000);
dataSource.setMinEvictableIdleTimeMillis(300000);
dataSource.setValidationQuery("select 'x'");
dataSource.setPoolPreparedStatements(true);
dataSource.setMaxPoolPreparedStatementPerConnectionSize(20);
return dataSource;
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth, DataSource dataSource) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource);
}
}
数据源的配置用了druid。
3.数据库表结构,因为采用的是spring-security默认的ddl,所以要创建默认的user和authorities,spring 为我们提供了默认表对应的建表语句,在spring-security-core-*.jar包的org.springframework.security.core.userdetails.jdbc目录下
create table users(username varchar_ignorecase(50) not null primary key,password varchar_ignorecase(500) not null,enabled boolean not null); create table authorities (username varchar_ignorecase(50) not null,authority varchar_ignorecase(50) not null,constraint fk_authorities_users foreign key(username) references users(username)); create unique index ix_auth_username on authorities (username,authority);
实际创建时,varchar_ignorecase类型时没有的,改成varchar即可
4.接着插入我们测试用的数据
5.启动类SecurityJdbcApp.java
package nariis.chengf.security.samples.javaconfig.jdbc;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
/**
* Hello world!
*
*/
@SpringBootApplication
public class SecurityJdbcApp
{
public static void main( String[] args )
{
SpringApplication.run(SecurityJdbcApp.class, args);
}
}
6.项目的pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>nariis.chengf</groupId>
<artifactId>security-samples-javaconfig-jdbc</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>security-samples-javaconfig-jdbc</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.4.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.0.27</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
<configuration>
<mainClass>${start-class}</mainClass>
</configuration>
</plugin>
</plugins>
</build>
</project>
7.index.html代码
<!DOCTYPE html> <html> <head> <title>Static</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> </head> <body> hello jdbc! </body> </html>
8.启动项目
选中启动类,选择Run As -> Java Application
启动后在浏览器中输入 http://localhot:8080/index.html,如果一切正常,我们会被重定向到login页面,输入我们插入库中的测试用户名和密码
点击login后就会重定向到index.html页面
到此,我们jdbc的简单示例就完成了。后续我们还会进一步探讨采用jdbc来做认证存储,包括自定义数据表结构,用户权限继承等等功能。
下载源码
分享到:
发表评论
-
spring-security(二十五)鉴权
2018-03-27 11:21 1600前言 本文将详细探讨spring security中的鉴权 ... -
test
2018-03-19 21:20 0什么是服务发现 ... -
spring-security(二十四)CSRF
2018-03-24 09:54 81591.什么是CSRF攻击 下面我们以一个具体的例子来说明这种常见 ... -
spring-security(二十三)Remember-Me认证
2018-03-09 21:06 1340前言: Remember-me认证方式指的是能在不同的会话 ... -
spring-security(二十二)基本认证和摘要认证
2018-03-06 16:58 1801前言: 在web应用中,非常流行以基本认证和摘要认证作为备 ... -
spring-security(二十一)核心Filter-UsernamePasswordAuthenticationFilter
2018-03-04 11:05 1237一、UsernamePasswordAuthenticatio ... -
spring-security(二十)核心Filter-SecurityContextPersistenceFilter
2018-02-28 21:40 1131一、SecurityContextPersistenceFil ... -
spring-security(十九)核心Filter-ExceptionTranslationFilter
2018-02-27 16:31 2060前言: 在spring的安全 ... -
spring-security(十八)核心Filter-FilterSecurityInterceptor
2018-02-25 10:59 2344前言: 当用spring secur ... -
spring-security(二十六)整合CAS 实现SSO
2018-04-05 18:09 12421.cas 认证流程 2.spring security ... -
spring-security(十七)Filter顺序及简介
2018-02-22 18:16 7901前言: spring security在 ... -
spring-security(十六)Filter配置原理
2018-02-21 15:18 2386前言: spring security最常见的应用场景还是 ... -
spring-security(十五) Password编码
2018-02-19 15:15 1225前言: 在实际应用中 ... -
spring-security(十四)UserDetailsService
2018-02-19 11:35 1471前言: 作为spring security的核心类,大多数 ... -
spring-security(十三)核心服务类
2018-02-18 16:46 1412前言: 在之前的篇章中我们已经讲述了spring secu ... -
spring-security(十二)鉴权方式概述
2018-02-18 10:42 2526前言: 本文主要讲述在spring security鉴权的 ... -
spring-security(十一)Web应用认证过程
2018-02-17 17:17 1238前言: 本文将探讨当 ... -
spring-security(十)基本认证过程
2018-02-17 13:55 2106前言: 在spring security中认证具体指的是什 ... -
spring-security(九)-核心组件
2018-02-17 10:46 868前言: 本文主要介绍在spring security中的几 ... -
spring-security(八)java config-sample之cas client
2018-02-16 11:26 2068前言: SSO英文全称Single Sign On,单点登 ...
相关推荐
赠送jar包:spring-security-config-5.0.7.RELEASE.jar; 赠送原API文档:spring-security-config-5.0.7.RELEASE-javadoc.jar; 赠送源代码:spring-security-config-5.0.7.RELEASE-sources.jar; 赠送Maven依赖信息...
赠送jar包:spring-security-config-5.5.2.jar; 赠送原API文档:spring-security-config-5.5.2-javadoc.jar; 赠送源代码:spring-security-config-5.5.2-sources.jar; 赠送Maven依赖信息文件:spring-security-...
赠送jar包:spring-security-config-5.3.9.RELEASE.jar; 赠送原API文档:spring-security-config-5.3.9.RELEASE-javadoc.jar; 赠送源代码:spring-security-config-5.3.9.RELEASE-sources.jar; 赠送Maven依赖信息...
赠送jar包:spring-security-config-5.2.0.RELEASE.jar; 赠送原API文档:spring-security-config-5.2.0.RELEASE-javadoc.jar; 赠送源代码:spring-security-config-5.2.0.RELEASE-sources.jar; 赠送Maven依赖信息...
赠送jar包:spring-security-config-5.6.1.jar; 赠送原API文档:spring-security-config-5.6.1-javadoc.jar; 赠送源代码:spring-security-config-5.6.1-sources.jar; 赠送Maven依赖信息文件:spring-security-...
赠送jar包:spring-security-config-4.2.8.RELEASE.jar; 赠送原API文档:spring-security-config-4.2.8.RELEASE-javadoc.jar; 赠送源代码:spring-security-config-4.2.8.RELEASE-sources.jar; 包含翻译后的...
赠送jar包:spring-security-crypto-5.6.1.jar; 赠送原API文档:spring-security-crypto-5.6.1-javadoc.jar; 赠送源代码:spring-security-crypto-5.6.1-sources.jar; 赠送Maven依赖信息文件:spring-security-...
赠送jar包:spring-security-crypto-5.5.2.jar; 赠送原API文档:spring-security-crypto-5.5.2-javadoc.jar; 赠送源代码:spring-security-crypto-5.5.2-sources.jar; 赠送Maven依赖信息文件:spring-security-...
赠送jar包:spring-security-oauth2-2.3.5.RELEASE.jar; 赠送原API文档:spring-security-oauth2-2.3.5.RELEASE-javadoc.jar; 赠送源代码:spring-security-oauth2-2.3.5.RELEASE-sources.jar; 赠送Maven依赖信息...
赠送jar包:spring-security-core-5.3.9.RELEASE.jar; 赠送原API文档:spring-security-core-5.3.9.RELEASE-javadoc.jar; 赠送源代码:spring-security-core-5.3.9.RELEASE-sources.jar; 赠送Maven依赖信息文件:...
赠送jar包:spring-security-jwt-1.0.10.RELEASE.jar; 赠送原API文档:spring-security-jwt-1.0.10.RELEASE-javadoc.jar; 赠送源代码:spring-security-jwt-1.0.10.RELEASE-sources.jar; 赠送Maven依赖信息文件:...
赠送jar包:spring-security-rsa-1.0.10.RELEASE.jar; 赠送原API文档:spring-security-rsa-1.0.10.RELEASE-javadoc.jar; 赠送源代码:spring-security-rsa-1.0.10.RELEASE-sources.jar; 赠送Maven依赖信息文件:...
赠送jar包:spring-jdbc-5.3.15.jar; 赠送原API文档:spring-jdbc-5.3.15-javadoc.jar; 赠送源代码:spring-jdbc-5.3.15-sources.jar; 赠送Maven依赖信息文件:spring-jdbc-5.3.15.pom; 包含翻译后的API文档:...
赠送jar包:spring-security-core-5.2.0.RELEASE.jar; 赠送原API文档:spring-security-core-5.2.0.RELEASE-javadoc.jar; 赠送源代码:spring-security-core-5.2.0.RELEASE-sources.jar; 赠送Maven依赖信息文件:...
赠送jar包:spring-security-config-5.0.7.RELEASE.jar; 赠送原API文档:spring-security-config-5.0.7.RELEASE-javadoc.jar; 赠送源代码:spring-security-config-5.0.7.RELEASE-sources.jar; 赠送Maven依赖信息...
赠送jar包:spring-security-config-5.6.1.jar; 赠送原API文档:spring-security-config-5.6.1-javadoc.jar; 赠送源代码:spring-security-config-5.6.1-sources.jar; 赠送Maven依赖信息文件:spring-security-...
开发工具 spring-jdbc-4.3.6.RELEASE开发工具 spring-jdbc-4.3.6.RELEASE开发工具 spring-jdbc-4.3.6.RELEASE开发工具 spring-jdbc-4.3.6.RELEASE开发工具 spring-jdbc-4.3.6.RELEASE开发工具 spring-jdbc-4.3.6....
赠送jar包:spring-security-core-5.5.2.jar; 赠送原API文档:spring-security-core-5.5.2-javadoc.jar; 赠送源代码:spring-security-core-5.5.2-sources.jar; 赠送Maven依赖信息文件:spring-security-core-...
赠送jar包:spring-security-core-5.0.7.RELEASE.jar; 赠送原API文档:spring-security-core-5.0.7.RELEASE-javadoc.jar; 赠送源代码:spring-security-core-5.0.7.RELEASE-sources.jar; 赠送Maven依赖信息文件:...
10. **spring-security-config-3.1.2.RELEASE.jar**:提供了基于XML或Java的配置方式,用于定义安全规则和策略,如定义访问控制列表,自定义过滤器链等。 通过以上这些jar包,我们可以深入研究Spring Security Web...