spring Securityのユーザー認証プロセスの詳細
まず私はxmlファイルで声明したいです。ユーザー認証クラス、つまり自分でデータベースから調べたいです。
UserDetails Service
<http pattern="/*.html" security="none"/>
<http pattern="/css/**" security="none"/>
<http pattern="/img/**" security="none"/>
<http pattern="/js/**" security="none"/>
<http pattern="/plugins/**" security="none"/>
<http pattern="/seller/add.do" security="none"/>
<!-- use-expressions: SpEL , true。 -->
<http use-expressions="false">
<!--
SpringSecurity ( )
* pattern: 。 /* ( ) /** ( )
* access: ROLE_ : ROLE_USER
-->
<intercept-url pattern="/**" access="ROLE_SELLER"/>
<!--
username-parameter="username"
password-parameter="password"
login-page : /
default-target-url :
login-processing-url: "/login"
-->
<form-login login-page="/shoplogin.html" default-target-url="/admin/index.html" always-use-default-target="true" authentication-failure-url="/shoplogin.html"/>
<!-- csrf -->
<csrf disabled="true"/>
<!-- -->
<headers>
<frame-options policy="SAMEORIGIN"/>
</headers>
<!-- -->
<logout logout-url="/logout" logout-success-url="/shoplogin.html" />
</http>
<!-- -->
<authentication-manager>
<!-- -->
<authentication-provider user-service-ref="userDetailService">
<password-encoder ref="passwordEncoder"></password-encoder>
</authentication-provider>
</authentication-manager>
<!-- -->
<beans:bean id="userDetailService" class="com.qingmu2.core.service.UserDetailServiceImpl">
<beans:property name="sellerService" ref="sellerService"></beans:property>
</beans:bean>
<!-- BCryptPasswordEncoder-->
<beans:bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
カスタムファイルの設定が完了したら、カスタム認証クラスが必要なモジュールに実装します。UserDetails Service
package com.qingmu2.core.service;
import com.alibaba.dubbo.config.annotation.Reference;
import com.qingmu2.core.pojo.seller.Seller;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
/**
*
* @Auther:qingmu
* @Description: ,
* @Date:Created in 8:33 2019/5/31
*/
public class UserDetailServiceImpl implements UserDetailsService {
private SellerService sellerService;
public UserDetailServiceImpl() {
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Seller seller = sellerService.findOne(username);
if(null!=seller){
// .
if("1".equals(seller.getStatus())){
// ,
HashSet<GrantedAuthority> authorities = new HashSet<>();
authorities.add(new SimpleGrantedAuthority("ROLE_SELLER"));
//
return new User(username,seller.getPassword(),authorities);
}
}
// , null
return null;
}
public UserDetailServiceImpl(SellerService sellerService) {
this.sellerService = sellerService;
}
public SellerService getSellerService() {
return sellerService;
}
public void setSellerService(SellerService sellerService) {
this.sellerService = sellerService;
}
}
以上が本文の全部です。皆さんの勉強に役に立つように、私たちを応援してください。