SpringSecurity-重写默认配置

发布于:2024-06-23 ⋅ 阅读:(42) ⋅ 点赞:(0)

重写UserDetailService组件

1.注入Bean的方式

/**
 * @author: coffee
 * @date: 2024/6/22 21:22
 * @description: 重写springsecurity默认组件:注入Bean的方式
 */
 @Configuration
public class ProjectConfig {

    /**
     * 重写userDetailsService组件
     */
     @Bean
    public UserDetailsService userDetailsService () {
        // InMemoryUserDetailsManager实现并不适用生成环境,此处进作为demo使用
        InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();

        // 使用指定用户名、密码和权限列表构建用户
        UserDetails user = User.withUsername("john").password("12345").authorities("read").build();

        // 添加该用户以便让UserDetailsService对其进行管理
        userDetailsService.createUser(user);

        return userDetailsService;
    }

    /**
     * 重写UserDetailsService组件也必须重写PasswordEncoder组件,否则会报:
     *    java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
     */
     @Bean
    public PasswordEncoder passwordEncoder () {
        // NoOpPasswordEncoder实例会将密码视为普通文本,他不会对密码进行加密或者hash处理
        return NoOpPasswordEncoder.getInstance();
    }
}

2.扩展WebSecurityConfigurerAdapter

/**
 * @author: coffee
 * @date: 2024/6/22 21:46
 * @description:
 */
@Configuration
public class ProjectConfig2 extends WebSecurityConfigurerAdapter {


    /**
     * 重写端点授权配置,就需要扩展WebSecurityConfigurerAdapter类,可以使用HttpSecurity对象的不同方法更改配置
     */
    @Override
    protected void configure (HttpSecurity httpSecurity) throws Exception {
        httpSecurity.httpBasic();

        // 所有请求都需要身份验证
        // httpSecurity.authorizeRequests().anyRequest().authenticated();

        // permitAll()方法修改授权配置,无需凭据(用户名密码)也可以直接调用接口。   curl http://localhost:8080/hello
        httpSecurity.authorizeRequests().anyRequest().permitAll();
    }

    /**
     * 重写springsecurity默认组件:继承WebSecurityConfigurerAdapter的方式
     */
    @Override
    protected void configure (AuthenticationManagerBuilder auth) throws Exception {
        // InMemoryUserDetailsManager实现并不适用生成环境,此处进作为demo使用
        InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();

        // 使用指定用户名、密码和权限列表构建用户
        UserDetails user = User.withUsername("john").password("12345").authorities("read").build();

        // 添加该用户以便让UserDetailsService对其进行管理
        userDetailsService.createUser(user);

        // AuthenticationManagerBuilder调用userDetailsService()方法来注册UserDetailsService实例
        // AuthenticationManagerBuilder调用passwordEncoder()方法来注册NoOpPasswordEncoder实例
        auth.userDetailsService(userDetailsService).passwordEncoder(NoOpPasswordEncoder.getInstance());

    }
}

重写端点授权配置

/**
 * @author: coffee
 * @date: 2024/6/22 21:46
 * @description:
 */
@Configuration
public class ProjectConfig2 extends WebSecurityConfigurerAdapter {


    /**
     * 重写端点授权配置,就需要扩展WebSecurityConfigurerAdapter类,可以使用HttpSecurity对象的不同方法更改配置
     */
    @Override
    protected void configure (HttpSecurity httpSecurity) throws Exception {
        httpSecurity.httpBasic();

        // 所有请求都需要身份验证
        // httpSecurity.authorizeRequests().anyRequest().authenticated();

        // permitAll()方法修改授权配置,无需凭据(用户名密码)也可以直接调用接口。   curl http://localhost:8080/hello
        httpSecurity.authorizeRequests().anyRequest().permitAll();
    }
}

重写AuthenticationProvider实现

/**
 * @author: coffee
 * @date: 2024/6/22 22:15
 * @description: ...
 */
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String userName = authentication.getName();
        String password = String.valueOf(authentication.getCredentials());

        // 重写身份验证提供者,用if else 替换 UserDetailsService和PasswordEncoder
        if ("john".equals(userName) && "12345".equals(password)) {
            return new UsernamePasswordAuthenticationToken(userName, password, Arrays.asList());
        } else {
            throw new AuthenticationCredentialsNotFoundException("ERROR");
        }
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }
}

/**
 * @author: coffee
 * @date: 2024/6/22 21:46
 * @description:
 */
@Configuration
public class ProjectConfig2 extends WebSecurityConfigurerAdapter {

    @Autowired
    private CustomAuthenticationProvider customAuthenticationProvider;

    /**
     * 重写端点授权配置,就需要扩展WebSecurityConfigurerAdapter类,可以使用HttpSecurity对象的不同方法更改配置
     */
    @Override
    protected void configure (HttpSecurity httpSecurity) throws Exception {
        httpSecurity.httpBasic();

        // 所有请求都需要身份验证
         httpSecurity.authorizeRequests().anyRequest().authenticated();

    }

    /**
     * 重写身份验证提供者
     */
    @Override
    protected void configure (AuthenticationManagerBuilder auth) throws Exception {
       
        auth.authenticationProvider(customAuthenticationProvider);

    }
}

网站公告

今日签到

点亮在社区的每一天
去签到

热门文章

最新发布