重写UserDetailService组件
1.注入Bean的方式
/**
* @author: coffee
* @date: 2024/6/22 21:22
* @description: 重写springsecurity默认组件:注入Bean的方式
*/
@Configuration
public class ProjectConfig {
/**
* 重写userDetailsService组件
*/
@Bean
public UserDetailsService userDetailsService () {
// InMemoryUserDetailsManager实现并不适用生成环境,此处进作为demo使用
InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();
// 使用指定用户名、密码和权限列表构建用户
UserDetails user = User.withUsername("john").password("12345").authorities("read").build();
// 添加该用户以便让UserDetailsService对其进行管理
userDetailsService.createUser(user);
return userDetailsService;
}
/**
* 重写UserDetailsService组件也必须重写PasswordEncoder组件,否则会报:
* java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
*/
@Bean
public PasswordEncoder passwordEncoder () {
// NoOpPasswordEncoder实例会将密码视为普通文本,他不会对密码进行加密或者hash处理
return NoOpPasswordEncoder.getInstance();
}
}
2.扩展WebSecurityConfigurerAdapter
/**
* @author: coffee
* @date: 2024/6/22 21:46
* @description:
*/
@Configuration
public class ProjectConfig2 extends WebSecurityConfigurerAdapter {
/**
* 重写端点授权配置,就需要扩展WebSecurityConfigurerAdapter类,可以使用HttpSecurity对象的不同方法更改配置
*/
@Override
protected void configure (HttpSecurity httpSecurity) throws Exception {
httpSecurity.httpBasic();
// 所有请求都需要身份验证
// httpSecurity.authorizeRequests().anyRequest().authenticated();
// permitAll()方法修改授权配置,无需凭据(用户名密码)也可以直接调用接口。 curl http://localhost:8080/hello
httpSecurity.authorizeRequests().anyRequest().permitAll();
}
/**
* 重写springsecurity默认组件:继承WebSecurityConfigurerAdapter的方式
*/
@Override
protected void configure (AuthenticationManagerBuilder auth) throws Exception {
// InMemoryUserDetailsManager实现并不适用生成环境,此处进作为demo使用
InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();
// 使用指定用户名、密码和权限列表构建用户
UserDetails user = User.withUsername("john").password("12345").authorities("read").build();
// 添加该用户以便让UserDetailsService对其进行管理
userDetailsService.createUser(user);
// AuthenticationManagerBuilder调用userDetailsService()方法来注册UserDetailsService实例
// AuthenticationManagerBuilder调用passwordEncoder()方法来注册NoOpPasswordEncoder实例
auth.userDetailsService(userDetailsService).passwordEncoder(NoOpPasswordEncoder.getInstance());
}
}
重写端点授权配置
/**
* @author: coffee
* @date: 2024/6/22 21:46
* @description:
*/
@Configuration
public class ProjectConfig2 extends WebSecurityConfigurerAdapter {
/**
* 重写端点授权配置,就需要扩展WebSecurityConfigurerAdapter类,可以使用HttpSecurity对象的不同方法更改配置
*/
@Override
protected void configure (HttpSecurity httpSecurity) throws Exception {
httpSecurity.httpBasic();
// 所有请求都需要身份验证
// httpSecurity.authorizeRequests().anyRequest().authenticated();
// permitAll()方法修改授权配置,无需凭据(用户名密码)也可以直接调用接口。 curl http://localhost:8080/hello
httpSecurity.authorizeRequests().anyRequest().permitAll();
}
}
重写AuthenticationProvider实现
/**
* @author: coffee
* @date: 2024/6/22 22:15
* @description: ...
*/
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String userName = authentication.getName();
String password = String.valueOf(authentication.getCredentials());
// 重写身份验证提供者,用if else 替换 UserDetailsService和PasswordEncoder
if ("john".equals(userName) && "12345".equals(password)) {
return new UsernamePasswordAuthenticationToken(userName, password, Arrays.asList());
} else {
throw new AuthenticationCredentialsNotFoundException("ERROR");
}
}
@Override
public boolean supports(Class<?> authentication) {
return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
}
}
/**
* @author: coffee
* @date: 2024/6/22 21:46
* @description:
*/
@Configuration
public class ProjectConfig2 extends WebSecurityConfigurerAdapter {
@Autowired
private CustomAuthenticationProvider customAuthenticationProvider;
/**
* 重写端点授权配置,就需要扩展WebSecurityConfigurerAdapter类,可以使用HttpSecurity对象的不同方法更改配置
*/
@Override
protected void configure (HttpSecurity httpSecurity) throws Exception {
httpSecurity.httpBasic();
// 所有请求都需要身份验证
httpSecurity.authorizeRequests().anyRequest().authenticated();
}
/**
* 重写身份验证提供者
*/
@Override
protected void configure (AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(customAuthenticationProvider);
}
}