依赖

<dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <!-- Thymeleaf --> <dependency> <groupId>org.thymeleaf</groupId> <artifactId>thymeleaf-spring5</artifactId> </dependency> <dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-java8time</artifactId> </dependency> <!-- SpringSecurity --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <!-- Thymeleaf 与 SpringSecurity 整合包 --> <dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-springsecurity5</artifactId> <version>3.0.4.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> <exclusions> <exclusion> <groupId>org.junit.vintage</groupId> <artifactId>junit-vintage-engine</artifactId> </exclusion> </exclusions> </dependency></dependencies>

Controller：

package com.blu.controller;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.PathVariable;import org.springframework.web.bind.annotation.RequestMapping;@Controllerpublic class RouterController { @RequestMapping({ "/", "/index" }) public String index() { return "index"; } @RequestMapping("/tologin") public String toLogin() { return "views/login"; } @RequestMapping("/level1/{id}") public String level1(@PathVariable("id") int id) { return "views/level1/" + id; } @RequestMapping("/level2/{id}") public String level2(@PathVariable("id") int id) { return "views/level2/" + id; } @RequestMapping("/level3/{id}") public String level3(@PathVariable("id") int id) { return "views/level3/" + id; } }

SecurityConfig：

package com.blu.config;import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;@EnableWebSecuritypublic class SecurityConfig extends WebSecurityConfigurerAdapter{ /** * 授权 */ @Override protected void configure(HttpSecurity http) throws Exception { //所有人可以访问首页，功能页需要指定权限才可以访问 http.authorizeRequests() .antMatchers("/").permitAll() .antMatchers("/level1/**").hasRole("vip1") .antMatchers("/level2/**").hasRole("vip2") .antMatchers("/level3/**").hasRole("vip3"); //没有权限将默认跳转至登录页，需要开启登录的页面 //loginPage设置跳转至登录页的请求（默认为/login） //usernameParameter和passwordParameter配置登录的用户名和密码参数名称，默认就是username和password //loginProcessingUrl配置登录请求的url，需要和表单提交的url一致 http.formLogin().loginPage("/tologin") .usernameParameter("username") .passwordParameter("password") .loginProcessingUrl("/login"); //禁用CSRF保护 http.csrf().disable(); //开启注销功能和注销成功后的跳转页面（默认为登录页面） http.logout().logoutSuccessUrl("/"); //开启记住我功能，Cookie默认保存两周 http.rememberMe().rememberMeParameter("remember"); } /** * 认证 */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()) .withUser("BLU").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2","vip3") .and() .withUser("root").password(new BCryptPasswordEncoder().encode("111111")).roles("vip1","vip2","vip3") .and() .withUser("guest").password(new BCryptPasswordEncoder().encode("111222")).roles("vip1"); } }

注：以上方式认证的用户和角色信息是存储在内存中的，在实际开发中应该从数据库中获取，详见：SpringSecurity从数据库中获取用户信息进行验证

index.html

<!DOCTYPE html><html lang="en" xmlns:th="http:///s/1AtbcCht84NT-69-sSUAQRw

提取码: nh92

到此这篇关于SpringBoot与SpringSecurity整合的文章就介绍到这了,更多相关SpringBoot与SpringSecurity整合内容请搜索以前的文章或继续浏览下面的相关文章希望大家以后多多支持！