-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathatom.xml
79 lines (40 loc) · 64.2 KB
/
atom.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>YiAiluo‘s BLOG</title>
<subtitle>爱自己是终身浪漫的开始</subtitle>
<link href="https://yiailuo.github.io/atom.xml" rel="self"/>
<link href="https://yiailuo.github.io/"/>
<updated>2022-11-30T13:33:39.164Z</updated>
<id>https://yiailuo.github.io/</id>
<author>
<name>易霭珞</name>
</author>
<generator uri="https://hexo.io/">Hexo</generator>
<entry>
<title>Docker核心技术-易霭珞</title>
<link href="https://yiailuo.github.io/Docker%E6%A0%B8%E5%BF%83%E6%8A%80%E6%9C%AF/"/>
<id>https://yiailuo.github.io/Docker%E6%A0%B8%E5%BF%83%E6%8A%80%E6%9C%AF/</id>
<published>2022-11-30T13:27:50.490Z</published>
<updated>2022-11-30T13:33:39.164Z</updated>
<content type="html"><![CDATA[<link rel="stylesheet" class="aplayer-secondary-style-marker" href="\assets\css\APlayer.min.css"><script src="\assets\js\APlayer.min.js" class="aplayer-secondary-script-marker"></script><script class="meting-secondary-script-marker" src="\assets\js\Meting.min.js"></script><h1 id="Docker核心技术"><a href="#Docker核心技术" class="headerlink" title="Docker核心技术"></a>Docker核心技术</h1><h3 id="初识Docker"><a href="#初识Docker" class="headerlink" title="初识Docker"></a>初识Docker</h3><p><img src="https://img-blog.csdnimg.cn/45fd047ecba14e1eb7669a13e3f1af36.jpeg" alt="在这里插入图片描述"></p><p>基于Linux内核的Cgoup,NameSpace,以及Union FS等技术,对进程进行封装隔离,属于操作系统层面的虚拟技术,由于隔离的进程独立于宿主和其他的隔离的进程,因此也被称为容器。</p><p>Docker在容器的基础上,进行了进一步的封装,从文件系统,网络互联网到进程隔离等等,极大的简化了容器的创建和维护,使得Docker技术比虚拟机技术更为简便、快捷。</p><h3 id="为什么要用Docker?它有哪些特性和优势?"><a href="#为什么要用Docker?它有哪些特性和优势?" class="headerlink" title="为什么要用Docker?它有哪些特性和优势?"></a>为什么要用Docker?它有哪些特性和优势?</h3><p> 它能更高效的利用系统资源、更快速的启动时间、一致的运行环境、更轻松的迁移、更轻松的维护和扩展</p><p>特性:安全性、隔离性、便携性、可配额</p><h3 id="Docker与虚拟机的区别"><a href="#Docker与虚拟机的区别" class="headerlink" title="Docker与虚拟机的区别"></a>Docker与虚拟机的区别</h3><p><img src="https://img-blog.csdnimg.cn/1c2128155a294e5ca4d049d0672a91a3.png" alt="在这里插入图片描述"></p><p><img src="https://img-blog.csdnimg.cn/77b9b83795884842a5a6d580e3b77653.png" alt="在这里插入图片描述"></p><p>参考链接:<a href="https://www.jianshu.com/p/d3006b8a22ee">Docker与虚拟机的区别 - 简书 (jianshu.com)</a></p><h3 id="容器操作"><a href="#容器操作" class="headerlink" title="容器操作"></a>容器操作</h3><p>启动:</p><ul><li><p>docker run</p><p> -it 交互</p><p> -d 后台运行</p><p> -p 端口映射</p><p> -v 磁盘挂载</p></li><li><p>启动已终止的容器:docker start</p></li><li><p>停止容器:docker stop</p></li><li><p>查看容器进程:docker ps</p></li><li><p>查看容器细节:docker inspect [containerid]</p></li><li><p>进入容器:docker attach</p><p>docker exec</p></li><li><p>通过 nsenter:</p><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">PID=$(docker inspect -- format "{{.State.Pid}}")[container])</span><br><span class="line"></span><br><span class="line">$ nsenter --target $PID --mount --uts --ipc --net --pid</span><br></pre></td></tr></table></figure></li><li><p>拷贝文件至容器内:docker cp file [container:id]:/file-to-path</p></li></ul><h3 id="什么是-Dockerfile?"><a href="#什么是-Dockerfile?" class="headerlink" title="什么是 Dockerfile?"></a>什么是 Dockerfile?</h3><p>Dockerfile 是一个用来构建镜像的文本文件,文本内容包含了一条条构建镜像所需的指令和说明。</p><p>Dockerfile详情使用参考教程<a href="https://blog.csdn.net/qq_42402854/article/details/108661285">Docker Dockerfile详解使用_Charge8的博客-CSDN博客_docker dockerfile</a></p><p>查看Dockerfile:</p><p>例:</p><p>FROM ubuntu ENV MY_SERVICE_PORT=80 ADD bin/amd64/httpserver/httpserver ENTRYPOINT /httpserver</p><p>将Dockerfile打包成镜像:</p><p>例:</p><p>docker build -t cncamp/httpserver:${tag} </p><p>docker push cncamp/httpserver:v1.0</p><p>运行容器:</p><p>例:</p><p>docker run -d cncamp/httpserver:v1.0</p><h3 id="什么是NameSpace?"><a href="#什么是NameSpace?" class="headerlink" title="什么是NameSpace?"></a>什么是NameSpace?</h3><p>NameSpace是Linux内核用来隔离内核资源的方式。</p><p>NameSpace的特点:</p><ul><li><p>系统可以为进程分配不同的 Namespace;</p></li><li><p>并保证不同的 Namespace 资源独立分配、进程彼此隔离,即不同的 Namespace 下的进程互不干扰 。</p></li><li><p>通过 Namespace 可以让一些进程只能看到与自己相关的一部分资源,而另外一些进程也只能看到与它们自己相关的资源。这两拨进程相互独立且隔离无法感知到对方的存在。具体的实现方式是把一个或多个进程的相关资源指定在同一个 namespace 中。</p></li><li><p>进程的数据结构实现</p><figure class="highlight c"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="class"><span class="keyword">struct</span> <span class="title">task_struct</span> {</span></span><br><span class="line">...</span><br><span class="line"><span class="comment">/* namespaces */</span></span><br><span class="line"><span class="class"><span class="keyword">struct</span> <span class="title">nsproxy</span> *<span class="title">nsproxy</span>;</span></span><br><span class="line">...</span><br><span class="line">}</span><br></pre></td></tr></table></figure></li><li><p>namespace的数据结构实现</p><figure class="highlight c"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line"><span class="class"><span class="keyword">struct</span> <span class="title">nsproxy</span> {</span></span><br><span class="line"><span class="type">atomic_t</span> count;</span><br><span class="line"><span class="class"><span class="keyword">struct</span> <span class="title">uts_namespace</span> *<span class="title">uts_ns</span>;</span> <span class="class"><span class="keyword">struct</span> <span class="title">ipc_namespace</span> *<span class="title">ipc_ns</span>;</span> <span class="class"><span class="keyword">struct</span> <span class="title">mnt_namespace</span> *<span class="title">mnt_ns</span>;</span> <span class="class"><span class="keyword">struct</span> <span class="title">pid_namespace</span></span></span><br><span class="line"><span class="class">*<span class="title">pid_ns_for_children</span>;</span></span><br><span class="line"><span class="class"><span class="keyword">struct</span> <span class="title">net</span> *<span class="title">net_ns</span>;</span></span><br><span class="line">}</span><br></pre></td></tr></table></figure></li></ul><p>NameSpace的用途:<br>从 docker 实现者的角度考虑如何实现一个资源隔离的容器。可以通过 chroot 命令切换根目录的挂载点,从而隔离文件系统。为了在分布式的环境下进行通信和定位,容器必须要有独立的 IP、端口和路由等,这就需要对网络进行隔离。同时容器还需要一个独立的主机名以便在网络中标识自己。接下来还需要进程间的通信、用户权限等的隔离。最后,运行在容器中的应用需要有进程号(PID),自然也需要与宿主机中的 PID 进行隔离。也就是说这六种隔离能力是实现一个容器的基础,</p><table><thead><tr><th>名称</th><th>宏定义</th><th>隔离的资源</th></tr></thead><tbody><tr><td>IPC</td><td>CLONE_NEWIPC</td><td>信号量、共享内存和POSIX 消息队列</td></tr><tr><td>Network</td><td>CLONE_NEWNET</td><td>网络设备,网络栈,端口等</td></tr><tr><td>Mount</td><td>CLONE_NEWNS</td><td>文件挂载点</td></tr><tr><td>PID</td><td>CLONE_NEWPID</td><td>进程编号</td></tr><tr><td>User</td><td>CLONE_NEWUSER</td><td>用户和用户组</td></tr><tr><td>UTS</td><td>CLONE_NEWUTS</td><td>主机名和NIS域名</td></tr><tr><td></td><td></td><td></td></tr></tbody></table><p><img src="https://img-blog.csdnimg.cn/57373d31724744bfa6b0b570eac9eb61.png" alt="在这里插入图片描述"></p><p>NameSpace的常用操作:</p><ul><li><p>查看当前系统的namespace:</p><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">lsns -t <type></span><br></pre></td></tr></table></figure></li><li><p>查看某进程的namespace:</p><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">ls -la /proc/<pid>/ns/</span><br></pre></td></tr></table></figure></li><li><p>进入某namespace运行命令:</p><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">nsenter -t <pid> -n ip addr</span><br></pre></td></tr></table></figure></li><li><p>在新network namespace 执行sleep指令:</p><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">unshare -fn sleep 60</span><br></pre></td></tr></table></figure></li><li><p>查看进程信息</p><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">ps -ef|grep sleep</span><br></pre></td></tr></table></figure></li><li><p>查看网络NameSpace</p><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">lsns -t net</span><br></pre></td></tr></table></figure></li></ul><blockquote><p>参考:<br>极客时间训练营—–Docker教程<br><a href="https://www.cnblogs.com/sparkdev/p/9365405.html">Linux Namspace:简介</a></p></blockquote>]]></content>
<summary type="html"><link rel="stylesheet" class="aplayer-secondary-style-marker" href="\assets\css\APlayer.min.css"><script src="\assets\js\APlayer.min.js" cla</summary>
</entry>
<entry>
<title>SpringSecurity-自定义控制器Handler</title>
<link href="https://yiailuo.github.io/SpringSecurity%E5%AD%A6%E4%B9%A02-%E8%87%AA%E5%AE%9A%E4%B9%89%E6%8E%A7%E5%88%B6%E5%99%A8Handler/"/>
<id>https://yiailuo.github.io/SpringSecurity%E5%AD%A6%E4%B9%A02-%E8%87%AA%E5%AE%9A%E4%B9%89%E6%8E%A7%E5%88%B6%E5%99%A8Handler/</id>
<published>2022-09-30T04:33:52.928Z</published>
<updated>2022-11-30T13:13:44.194Z</updated>
<content type="html"><![CDATA[<link rel="stylesheet" class="aplayer-secondary-style-marker" href="\assets\css\APlayer.min.css"><script src="\assets\js\APlayer.min.js" class="aplayer-secondary-script-marker"></script><script class="meting-secondary-script-marker" src="\assets\js\Meting.min.js"></script><h3 id="续接第一篇文章的入门demo"><a href="#续接第一篇文章的入门demo" class="headerlink" title="续接第一篇文章的入门demo"></a>续接第一篇文章的入门demo</h3><p><a href="https://blog.csdn.net/m0_52931616/article/details/126527155?spm=1001.2014.3001.5501">SpringSecurity学习1-入门详解</a></p><h2 id="为什么要自定义控制器Handler?"><a href="#为什么要自定义控制器Handler?" class="headerlink" title="为什么要自定义控制器Handler?"></a>为什么要自定义控制器Handler?</h2><p>在上一篇的demo中,我们在登录成功后,跳转页面用到了successForwardUrl() ,表示成功后转发请求到地址。内部是通过 successHandler() 方法进行控制成功后交给哪个类进行处理</p><p>源码分析<br><img src="https://img-blog.csdnimg.cn/ff3f4fb0c4b34ec8acf993900bdf09a6.png" alt="在这里插入图片描述"><br>可以看到sucessForwardUrl将forwordUrl 转发给ForwardAuthenticationSuccessHandler类进行处理<br>而ForwardAuthenticationSuccessHandler类的内部是简单的请求转发<br><img src="https://img-blog.csdnimg.cn/af732eb984c44b55b0abd20a03cfb5ce.png" alt="在这里插入图片描述"><br>当我们需要请求跳转到站外的地址或者在前后端分离的项目中登录请求跳转时,使用successForwardUrl()是不行的,这就需要我们去自定义控制器</p><h2 id="自定义类"><a href="#自定义类" class="headerlink" title="自定义类"></a>自定义类</h2><p>自定义登录成功处理器,重写AuthenticationSuccessHandler接口中的方法</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> com.example.demo.handler;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.Authentication;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.userdetails.User;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.web.authentication.AuthenticationSuccessHandler;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> javax.servlet.ServletException;</span><br><span class="line"><span class="keyword">import</span> javax.servlet.http.HttpServletRequest;</span><br><span class="line"><span class="keyword">import</span> javax.servlet.http.HttpServletResponse;</span><br><span class="line"><span class="keyword">import</span> java.io.IOException;</span><br><span class="line"></span><br><span class="line"><span class="comment">//自定义登陆成功处理器</span></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">class</span> <span class="title class_">MyAuthenticationSuccessHandler</span> <span class="keyword">implements</span> <span class="title class_">AuthenticationSuccessHandler</span> {</span><br><span class="line"> <span class="keyword">private</span> String url;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">public</span> <span class="title function_">MyAuthenticationSuccessHandler</span><span class="params">(String url)</span> {</span><br><span class="line"> <span class="built_in">this</span>.url = url;</span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line"> <span class="meta">@Override</span></span><br><span class="line"> <span class="keyword">public</span> <span class="keyword">void</span> <span class="title function_">onAuthenticationSuccess</span><span class="params">(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication)</span> <span class="keyword">throws</span> IOException, ServletException {</span><br><span class="line"> System.out.println(httpServletRequest.getRemoteAddr());<span class="comment">//获取ip地址</span></span><br><span class="line"> <span class="type">User</span> <span class="variable">user</span> <span class="operator">=</span> (User)authentication.getPrincipal();<span class="comment">//Principl主体存放了登录用户的信息</span></span><br><span class="line"> System.out.println(user.getAuthorities());<span class="comment">//权限</span></span><br><span class="line"> System.out.println(user.getPassword());<span class="comment">//出于安全考虑,输出null,无法查看</span></span><br><span class="line"> System.out.println(user.getUsername());</span><br><span class="line"> httpServletResponse.sendRedirect(url);<span class="comment">//重定向至设定的url</span></span><br><span class="line"> }</span><br><span class="line">}</span><br><span class="line"></span><br><span class="line"></span><br></pre></td></tr></table></figure><p>Authentication源码</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment">//源码</span></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">interface</span> <span class="title class_">Authentication</span> <span class="keyword">extends</span> <span class="title class_">Principal</span>, Serializable {</span><br><span class="line"> Collection<? <span class="keyword">extends</span> <span class="title class_">GrantedAuthority</span>> getAuthorities();<span class="comment">//获取权限</span></span><br><span class="line"></span><br><span class="line"> Object <span class="title function_">getCredentials</span><span class="params">()</span>;<span class="comment">//获取凭证</span></span><br><span class="line"></span><br><span class="line"> Object <span class="title function_">getDetails</span><span class="params">()</span>;<span class="comment">//获取详情</span></span><br><span class="line"></span><br><span class="line"> Object <span class="title function_">getPrincipal</span><span class="params">()</span>;<span class="comment">//获取对象</span></span><br><span class="line"></span><br><span class="line"> <span class="type">boolean</span> <span class="title function_">isAuthenticated</span><span class="params">()</span>;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">void</span> <span class="title function_">setAuthenticated</span><span class="params">(<span class="type">boolean</span> var1)</span> <span class="keyword">throws</span> IllegalArgumentException;</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p>同理 自定义登录失败处理器,重写AuthenticationFailureHandler接口中的方法</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> com.example.demo.handler;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.AuthenticationException;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.web.authentication.AuthenticationFailureHandler;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> javax.servlet.ServletException;</span><br><span class="line"><span class="keyword">import</span> javax.servlet.http.HttpServletRequest;</span><br><span class="line"><span class="keyword">import</span> javax.servlet.http.HttpServletResponse;</span><br><span class="line"><span class="keyword">import</span> java.io.IOException;</span><br><span class="line"></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">class</span> <span class="title class_">MyAuthenticationFailureHandler</span> <span class="keyword">implements</span> <span class="title class_">AuthenticationFailureHandler</span> {</span><br><span class="line"> <span class="keyword">private</span> String url;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">public</span> <span class="title function_">MyAuthenticationFailureHandler</span><span class="params">(String url)</span> {</span><br><span class="line"> <span class="built_in">this</span>.url = url;</span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line"> <span class="meta">@Override</span></span><br><span class="line"> <span class="keyword">public</span> <span class="keyword">void</span> <span class="title function_">onAuthenticationFailure</span><span class="params">(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e)</span> <span class="keyword">throws</span> IOException, ServletException {</span><br><span class="line"> httpServletResponse.sendRedirect(url);</span><br><span class="line"> }</span><br><span class="line">}</span><br><span class="line"></span><br></pre></td></tr></table></figure><p>接下来需要去修改配置类,自定义控制器设定登录成功跳转到百度,登录失败跳转到知乎</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> com.example.demo.config;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.springframework.context.annotation.Bean;</span><br><span class="line"><span class="keyword">import</span> org.springframework.context.annotation.Configuration;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.config.annotation.web.builders.HttpSecurity;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.crypto.password.PasswordEncoder;</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"><span class="meta">@Configuration</span></span><br><span class="line"><span class="comment">//自定义登录页</span></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">class</span> <span class="title class_">SecurityConfig</span> <span class="keyword">extends</span> <span class="title class_">WebSecurityConfigurerAdapter</span> {</span><br><span class="line"> <span class="meta">@Override</span></span><br><span class="line"> <span class="keyword">protected</span> <span class="keyword">void</span> <span class="title function_">configure</span><span class="params">(HttpSecurity http)</span><span class="keyword">throws</span> Exception{</span><br><span class="line"> <span class="comment">//登录</span></span><br><span class="line"> http.formLogin()</span><br><span class="line"> <span class="comment">//自定义登录页面</span></span><br><span class="line"> .loginPage(<span class="string">"/login.html"</span>)</span><br><span class="line"> <span class="comment">//必须和表单提交的接口一致</span></span><br><span class="line"> .loginProcessingUrl(<span class="string">"/login"</span>)</span><br><span class="line"> <span class="comment">//登录成功跳转的页面,POST请求</span></span><br><span class="line"> <span class="comment">//.successForwardUrl("/toMain")</span></span><br><span class="line"> <span class="comment">//自定义登陆成功处理器</span></span><br><span class="line"> .successHandler(<span class="keyword">new</span> <span class="title class_">MyAuthenticationSuccessHandler</span>(<span class="string">"https://www.baidu.com"</span>))</span><br><span class="line"> <span class="comment">//.successHandler(new MyAuthenticationSuccessHandler("/main.html"))</span></span><br><span class="line"> <span class="comment">//登录失败后跳转的页面,post请求</span></span><br><span class="line"> <span class="comment">//.failureForwardUrl("/toError")</span></span><br><span class="line"> <span class="comment">//自定义登陆失败处理器</span></span><br><span class="line"> .failureHandler(<span class="keyword">new</span> <span class="title class_">MyAuthenticationFailureHandler</span>(<span class="string">"https://www.zhihu.com"</span>));</span><br><span class="line"> <span class="comment">//.failureHandler(new MyAuthenticationFailureHandler("/error.html"));</span></span><br><span class="line"> <span class="comment">//授权</span></span><br><span class="line"> http.authorizeRequests()</span><br><span class="line"> <span class="comment">//放行login.html,无需验证</span></span><br><span class="line"> .antMatchers(<span class="string">"/login.html"</span>).permitAll()</span><br><span class="line"> <span class="comment">//放行error.html,无需验证</span></span><br><span class="line"> .antMatchers(<span class="string">"/error.html"</span>).permitAll()</span><br><span class="line"> <span class="comment">//所有请求都必须通过认证才能访问,(必须登录)</span></span><br><span class="line"> .anyRequest().authenticated();<span class="comment">//拦截所有请求,有先后顺序,anyRequest()放在最后</span></span><br><span class="line"> <span class="comment">//关闭csrf防护</span></span><br><span class="line"> http.csrf().disable();</span><br><span class="line"> }</span><br><span class="line"> <span class="meta">@Bean</span></span><br><span class="line"> <span class="keyword">public</span> PasswordEncoder <span class="title function_">getPw</span><span class="params">()</span>{</span><br><span class="line"> <span class="keyword">return</span> <span class="keyword">new</span> <span class="title class_">BCryptPasswordEncoder</span>();</span><br><span class="line"> }</span><br><span class="line">}</span><br><span class="line"></span><br></pre></td></tr></table></figure>]]></content>
<summary type="html"><link rel="stylesheet" class="aplayer-secondary-style-marker" href="\assets\css\APlayer.min.css"><script src="\assets\js\APlayer.min.js" cla</summary>
</entry>
<entry>
<title>SpringSecurity入门详解-易霭珞</title>
<link href="https://yiailuo.github.io/hello-world/"/>
<id>https://yiailuo.github.io/hello-world/</id>
<published>2022-09-29T11:42:32.847Z</published>
<updated>2022-11-30T13:16:42.686Z</updated>
<content type="html"><![CDATA[<link rel="stylesheet" class="aplayer-secondary-style-marker" href="\assets\css\APlayer.min.css"><script src="\assets\js\APlayer.min.js" class="aplayer-secondary-script-marker"></script><script class="meting-secondary-script-marker" src="\assets\js\Meting.min.js"></script><h3 id="1-安全框架概述"><a href="#1-安全框架概述" class="headerlink" title="1.安全框架概述"></a>1.安全框架概述</h3><p>什么是安全框架?解决系统安全问题的框架,如果没有安全框架,我们需要手动处理每个资源的访问控制,非常麻烦。使用安全框架,我们可以通过配置的方式实现对资源的访问控制</p><p>2.SpringSecurity:Spring家族的一员,是一个能够基于Spring的企业应用系统提供声明式的安全访问控制解决方案、高度自定义的安全框架。它提供了一组可以在Spring应用上下文中配置的Bean,充分利用了Spring IOC(控制反转Inversion of Control ),DI(Dependency Injecion 依赖注入)和AOP(面向切面编程)功能,为应用系统提供声明示的安全访问控制功能,减少了为企业系统安全控制编写大量重复代码的工作。它的核心功能是“认证”和“授权”。</p><h3 id="2-入门demo"><a href="#2-入门demo" class="headerlink" title="2.入门demo"></a>2.入门demo</h3><p>1.导入依赖</p><figure class="highlight xml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta"><?xml version=<span class="string">"1.0"</span> encoding=<span class="string">"UTF-8"</span>?></span></span><br><span class="line"><span class="tag"><<span class="name">project</span> <span class="attr">xmlns</span>=<span class="string">"http://maven.apache.org/POM/4.0.0"</span> <span class="attr">xmlns:xsi</span>=<span class="string">"http://www.w3.org/2001/XMLSchema-instance"</span></span></span><br><span class="line"><span class="tag"> <span class="attr">xsi:schemaLocation</span>=<span class="string">"http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">modelVersion</span>></span>4.0.0<span class="tag"></<span class="name">modelVersion</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">parent</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.boot<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-boot-starter-parent<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">version</span>></span>2.3.0.RELEASE<span class="tag"></<span class="name">version</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">relativePath</span>/></span> <span class="comment"><!-- lookup parent from repository --></span></span><br><span class="line"> <span class="tag"></<span class="name">parent</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>com.example<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spingsecurity-demo<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">version</span>></span>0.0.1-SNAPSHOT<span class="tag"></<span class="name">version</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">name</span>></span>spingsecurity-demo<span class="tag"></<span class="name">name</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">description</span>></span>spingsecurity-demo<span class="tag"></<span class="name">description</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">properties</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">java.version</span>></span>15<span class="tag"></<span class="name">java.version</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">properties</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">dependencies</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.boot<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-boot-starter-security<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.boot<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-boot-starter-web<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">dependency</span>></span></span><br><span class="line"></span><br><span class="line"> <span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.boot<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-boot-starter-test<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">scope</span>></span>test<span class="tag"></<span class="name">scope</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.security<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-security-test<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">scope</span>></span>test<span class="tag"></<span class="name">scope</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">dependencies</span>></span></span><br><span class="line"></span><br><span class="line"> <span class="tag"><<span class="name">build</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">plugins</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">plugin</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.boot<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-boot-maven-plugin<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">plugin</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">plugins</span>></span></span><br><span class="line"> <span class="tag"></<span class="name">build</span>></span></span><br><span class="line"></span><br><span class="line"><span class="tag"></<span class="name">project</span>></span></span><br><span class="line"></span><br></pre></td></tr></table></figure><p>Spring Security已经被Spring boot进行集成,使用时直接引入启动器即可。</p><figure class="highlight xml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.boot<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-boot-starter-security<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"><span class="tag"></<span class="name">dependency</span>></span></span><br></pre></td></tr></table></figure><p>2.访问页面<br>导入spring-boot-starter-security启动器后,Spring Security已经生效,默认拦截全部请求,如果用户没有登录,跳转到内置登录页面。<br>在浏览器中输入<a href="http://localhost:8080/login">http://localhost:8080/login</a><br><img src="https://img-blog.csdnimg.cn/8db5844174b94606890dfd367971fde0.png" alt="在这里插入图片描述"><br>默认的username是user,默认的随机密码password会打印在控制台(每次项目启动后的密码都不同)<br><img src="https://img-blog.csdnimg.cn/b9cfe87eb2204d3c9eade3a0a20aeada.png" alt="在这里插入图片描述"><br>3.可以自己自定义当前页面的用户名和密码<br>通过修改application.properties(application.yml)配置文件</p><figure class="highlight xml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">spring.security.user.name=yiailuo</span><br><span class="line">spring.security.user.password=yiailuo</span><br></pre></td></tr></table></figure><p>4.UserDetailsService详解<br><img src="https://img-blog.csdnimg.cn/93767da27b874c58b4425333de1e7fec.png" alt="在这里插入图片描述"><br>如果需要自定义登录逻辑需要实现UserDetailsService接口,它的返回值是UserDetails<br>也是一个接口<br><img src="https://img-blog.csdnimg.cn/263f8db000f742b8ab251ba296e2954b.png" alt="在这里插入图片描述"><br>13~25行分别对应获取权限,获取密码,获取用户名,账号是否过期,账号是否被锁定,密码是否过期,是否可用</p><p>5.PasswordEncoder详解<br><img src="https://img-blog.csdnimg.cn/5d14c777828d4a1ab5e83ca43e493754.png" alt="在这里插入图片描述"></p><p>encode() :把参数按照特定的解析规则进行解析。<br>matches() :验证从存储中获取的编码密码与编码后提交的原始密码是否匹配。如果密码<br>匹配,则返回 true;如果不匹配,则返回 false。第一个参数表示需要被解析的密码。第二<br>个参数表示存储的密码。<br>upgradeEncoding() :如果解析的密码能够再次进行解析且达到更安全的结果则返回<br>true,否则返回 false。默认返回 false。</p><p>6.自定义登录逻辑</p><ol><li>自定义逻辑</li></ol><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> com.example.demo.service;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.springframework.beans.factory.annotation.Autowired;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.authority.AuthorityUtils;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.userdetails.User;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.userdetails.UserDetails;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.userdetails.UserDetailsService;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.core.userdetails.UsernameNotFoundException;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.crypto.password.PasswordEncoder;</span><br><span class="line"><span class="keyword">import</span> org.springframework.stereotype.Service;</span><br><span class="line"></span><br><span class="line"><span class="meta">@Service</span></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">class</span> <span class="title class_">UserDetailServiceImpl</span> <span class="keyword">implements</span> <span class="title class_">UserDetailsService</span> {</span><br><span class="line"> <span class="comment">//自定义登录逻辑</span></span><br><span class="line"> <span class="meta">@Autowired</span></span><br><span class="line"> <span class="keyword">private</span> PasswordEncoder passwordEncoder;</span><br><span class="line"> <span class="meta">@Override</span></span><br><span class="line"> <span class="keyword">public</span> UserDetails <span class="title function_">loadUserByUsername</span><span class="params">(String username)</span> <span class="keyword">throws</span> UsernameNotFoundException {</span><br><span class="line"> System.out.println(<span class="string">"执行自定义登陆逻辑"</span>);</span><br><span class="line"> <span class="comment">//1.根据用户名去数据库查询,如果不存在抛出UserNameNotFound异常(正常情况下是去数据库查)</span></span><br><span class="line"> <span class="comment">//这里只是一个简单demo</span></span><br><span class="line"> <span class="keyword">if</span>(!<span class="string">"yiailuo"</span>.equals(username)){</span><br><span class="line"> <span class="keyword">throw</span> <span class="keyword">new</span> <span class="title class_">UsernameNotFoundException</span>(<span class="string">"用户名不存在"</span>);</span><br><span class="line"> }</span><br><span class="line"> <span class="comment">//2.比较密码(注册时已经加密过的,如果匹配成功返回UserDetails)</span></span><br><span class="line"> <span class="type">String</span> <span class="variable">password</span> <span class="operator">=</span> passwordEncoder.encode(<span class="string">"yiailuo"</span>);</span><br><span class="line"> <span class="keyword">return</span> <span class="keyword">new</span> <span class="title class_">User</span>(username,password, AuthorityUtils.commaSeparatedStringToAuthorityList(<span class="string">"admin,normal,ROLE_abc"</span>));<span class="comment">//权限列表</span></span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line">}</span><br></pre></td></tr></table></figure><p>这里UserDetails实现User类的实例<br>导包时注意!!!<br>User类属于import org.springframework.security.core.userdetails.User;并不是自己创建的User类。<br>有两个构造方法任选其一即可<br><img src="https://img-blog.csdnimg.cn/78aa5c4db18b4e9f8fbf5ef6e1f6e1c6.png" alt="在这里插入图片描述"></p><ol start="2"><li>自定义登录页面</li></ol><p>登录页面login.html等静态资源放在resource/static文件夹里<br>login.html</p><figure class="highlight html"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta"><!DOCTYPE <span class="keyword">html</span>></span></span><br><span class="line"><span class="tag"><<span class="name">html</span> <span class="attr">lang</span>=<span class="string">"en"</span>></span></span><br><span class="line"><span class="tag"><<span class="name">head</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">meta</span> <span class="attr">charset</span>=<span class="string">"UTF-8"</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">title</span>></span>登录<span class="tag"></<span class="name">title</span>></span></span><br><span class="line"><span class="tag"></<span class="name">head</span>></span></span><br><span class="line"><span class="tag"><<span class="name">body</span>></span></span><br><span class="line"><span class="tag"><<span class="name">form</span> <span class="attr">action</span>=<span class="string">"/login"</span> <span class="attr">method</span>=<span class="string">"post"</span>></span></span><br><span class="line"> 用户名:<span class="tag"><<span class="name">input</span> <span class="attr">type</span>=<span class="string">"text"</span> <span class="attr">name</span>=<span class="string">"username"</span>/></span><span class="tag"><<span class="name">br</span>/></span></span><br><span class="line"> 密码:<span class="tag"><<span class="name">input</span> <span class="attr">type</span>=<span class="string">"password"</span> <span class="attr">name</span>=<span class="string">"password"</span>/></span><span class="tag"><<span class="name">br</span>/></span></span><br><span class="line"> <span class="tag"><<span class="name">input</span> <span class="attr">type</span>=<span class="string">"submit"</span> <span class="attr">value</span>=<span class="string">"登录"</span>/></span></span><br><span class="line"><span class="tag"></<span class="name">form</span>></span></span><br><span class="line"><span class="tag"></<span class="name">body</span>></span></span><br><span class="line"><span class="tag"></<span class="name">html</span>></span></span><br></pre></td></tr></table></figure><p>登录成功的页面main.html</p><figure class="highlight html"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta"><!DOCTYPE <span class="keyword">html</span>></span></span><br><span class="line"><span class="tag"><<span class="name">html</span> <span class="attr">lang</span>=<span class="string">"en"</span>></span></span><br><span class="line"><span class="tag"><<span class="name">head</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">meta</span> <span class="attr">charset</span>=<span class="string">"UTF-8"</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">title</span>></span>登陆成功<span class="tag"></<span class="name">title</span>></span></span><br><span class="line"><span class="tag"></<span class="name">head</span>></span></span><br><span class="line"><span class="tag"><<span class="name">body</span>></span></span><br><span class="line">登陆成功!!!<span class="tag"><<span class="name">a</span> <span class="attr">href</span>=<span class="string">"main1.html"</span>></span>跳转<span class="tag"></<span class="name">a</span>></span></span><br><span class="line"><span class="tag"></<span class="name">body</span>></span></span><br><span class="line"><span class="tag"></<span class="name">html</span>></span></span><br></pre></td></tr></table></figure><p>登录失败的页面error.html</p><figure class="highlight html"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta"><!DOCTYPE <span class="keyword">html</span>></span></span><br><span class="line"><span class="tag"><<span class="name">html</span> <span class="attr">lang</span>=<span class="string">"en"</span>></span></span><br><span class="line"><span class="tag"><<span class="name">head</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">meta</span> <span class="attr">charset</span>=<span class="string">"UTF-8"</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">title</span>></span>Title<span class="tag"></<span class="name">title</span>></span></span><br><span class="line"><span class="tag"></<span class="name">head</span>></span></span><br><span class="line"><span class="tag"><<span class="name">body</span>></span></span><br><span class="line">操作失败,请重新登录<span class="tag"><<span class="name">a</span> <span class="attr">href</span>=<span class="string">"/login.html"</span>></span>跳转<span class="tag"></<span class="name">a</span>></span></span><br><span class="line"><span class="tag"></<span class="name">body</span>></span></span><br><span class="line"><span class="tag"></<span class="name">html</span>></span></span><br></pre></td></tr></table></figure><p>编写配置类<br>WebSecurityConfigurerAdapter在SpringSecurity5.7版本弃用了</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> com.example.demo.config;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.springframework.context.annotation.Bean;</span><br><span class="line"><span class="keyword">import</span> org.springframework.context.annotation.Configuration;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.config.annotation.web.builders.HttpSecurity;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;</span><br><span class="line"><span class="keyword">import</span> org.springframework.security.crypto.password.PasswordEncoder;</span><br><span class="line"></span><br><span class="line"></span><br><span class="line"><span class="meta">@Configuration</span></span><br><span class="line"><span class="comment">//自定义登录页</span></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">class</span> <span class="title class_">SecurityConfig</span> <span class="keyword">extends</span> <span class="title class_">WebSecurityConfigurerAdapter</span> {</span><br><span class="line"> <span class="meta">@Override</span></span><br><span class="line"> <span class="keyword">protected</span> <span class="keyword">void</span> <span class="title function_">configure</span><span class="params">(HttpSecurity http)</span><span class="keyword">throws</span> Exception{</span><br><span class="line"> <span class="comment">//登录</span></span><br><span class="line"> http.formLogin()</span><br><span class="line"> <span class="comment">//自定义登录页面</span></span><br><span class="line"> .loginPage(<span class="string">"/login.html"</span>)</span><br><span class="line"> <span class="comment">//必须和表单提交的接口一致</span></span><br><span class="line"> .loginProcessingUrl(<span class="string">"/login"</span>)</span><br><span class="line"> <span class="comment">//登录成功跳转的页面,POST请求</span></span><br><span class="line"> .successForwardUrl(<span class="string">"/toMain"</span>)</span><br><span class="line"> <span class="comment">//登录失败后跳转的页面,post请求</span></span><br><span class="line"> .failureForwardUrl(<span class="string">"/toError"</span>)</span><br><span class="line"> <span class="comment">//授权</span></span><br><span class="line"> http.authorizeRequests()</span><br><span class="line"> <span class="comment">//放行login.html,无需验证</span></span><br><span class="line"> .antMatchers(<span class="string">"/login.html"</span>).permitAll()</span><br><span class="line"> <span class="comment">//放行error.html,无需验证</span></span><br><span class="line"> .antMatchers(<span class="string">"/error.html"</span>).permitAll()</span><br><span class="line"> <span class="comment">//所有请求都必须通过认证才能访问,(必须登录)</span></span><br><span class="line"> .anyRequest().authenticated();<span class="comment">//拦截所有请求,有先后顺序,anyRequest()放在最后</span></span><br><span class="line"> <span class="comment">//关闭csrf防护</span></span><br><span class="line"> http.csrf().disable();</span><br><span class="line"> }</span><br><span class="line"> <span class="meta">@Bean</span></span><br><span class="line"> <span class="keyword">public</span> PasswordEncoder <span class="title function_">getPw</span><span class="params">()</span>{</span><br><span class="line"> <span class="keyword">return</span> <span class="keyword">new</span> <span class="title class_">BCryptPasswordEncoder</span>();</span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p>编写控制器</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">package</span> com.example.demo.controller;</span><br><span class="line"></span><br><span class="line"><span class="keyword">import</span> org.springframework.stereotype.Controller;</span><br><span class="line"><span class="keyword">import</span> org.springframework.web.bind.annotation.RequestMapping;</span><br><span class="line"></span><br><span class="line"><span class="meta">@Controller</span></span><br><span class="line"><span class="keyword">public</span> <span class="keyword">class</span> <span class="title class_">LoginController</span> {</span><br><span class="line"> <span class="meta">@RequestMapping("/toMain")</span></span><br><span class="line"> <span class="keyword">public</span> String <span class="title function_">main</span><span class="params">()</span>{</span><br><span class="line"> <span class="keyword">return</span> <span class="string">"redirect:main.html"</span>;</span><br><span class="line"> }</span><br><span class="line"> <span class="meta">@RequestMapping("/toError")</span></span><br><span class="line"> <span class="keyword">public</span> String <span class="title function_">error</span><span class="params">()</span>{</span><br><span class="line"> <span class="keyword">return</span> <span class="string">"redirect:error.html"</span>;</span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p>启动项目后的登录页面<br><img src="https://img-blog.csdnimg.cn/5695592df6e64966aabf49eb3303fec0.png" alt="在这里插入图片描述"><br>输入设置好的用户名和密码,点击登录即可跳转到main.html,输入错误的用户名和密码即可跳转到error.html<br><img src="https://img-blog.csdnimg.cn/9cdb1b462ee744d88a35e554a2003446.png" alt="在这里插入图片描述"><br><img src="https://img-blog.csdnimg.cn/82489d58e26a4b059bad0bef2dcfdfaa.png" alt="在这里插入图片描述"></p><p><img src="https://img-blog.csdnimg.cn/2671428ff4414f2a91d439933fff0014.png" alt="在这里插入图片描述"></p>]]></content>
<summary type="html"><link rel="stylesheet" class="aplayer-secondary-style-marker" href="\assets\css\APlayer.min.css"><script src="\assets\js\APlayer.min.js" cla</summary>
</entry>
</feed>