使用spring-security配置数据库登录&密码加密

我不是女神ヾ 2022-05-17 03:05 140阅读 0赞

直接上代码security.xml

<?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xmlns:dubbo="http://code.alibabatech.com/schema/dubbo"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
    	 					http://code.alibabatech.com/schema/dubbo http://code.alibabatech.com/schema/dubbo/dubbo.xsd
    						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
    
    	
    	<http pattern="/*.html" security="none"></http>
    	<http pattern="/css/**" security="none"></http>
    	<http pattern="/img/**" security="none"></http>
    	<http pattern="/js/**" security="none"></http>
    	<http pattern="/plugins/**" security="none"></http>
    	<http pattern="/seller/add.do" security="none"></http>
    
    	
    	<http use-expressions="false">
    		
    		<intercept-url pattern="/**" access="ROLE_SELLER"/>
    		
    		<form-login  login-page="/shoplogin.html" default-target-url="/admin/index.html" authentication-failure-url="/shoplogin.html" always-use-default-target="true"/>
    		<csrf disabled="true"/>
    		
    		<headers>
    			<frame-options policy="SAMEORIGIN"/>
    		</headers>
    		<logout/>
    	</http>
    	
    	
    	<authentication-manager>
    		<authentication-provider user-service-ref="UserDetailsService">
    			<password-encoder ref="bcryptEncoder"></password-encoder>
    		</authentication-provider>	
    	</authentication-manager>
    	
    	<beans:bean id="UserDetailsService" class="com.pinyougou.service.UserDetailsServiceImpl">
    		<beans:property name="sellerService" ref="sellerService"></beans:property>
    	</beans:bean>
    	
    	
    	<dubbo:application name="pinyougou-shop-web" />
    	<dubbo:registry address="zookeeper://192.168.3.101:2181"/>
    	<dubbo:reference id="sellerService" interface="com.pinyougou.sellergoods.service.SellerService"></dubbo:reference>
    	
    	<beans:bean id="bcryptEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></beans:bean>
    	
    </beans:beans>

需要注意的是：

![70][]

![70 1][]

** java方法加密过程！！**

**先把不加密的密码取出，在通过BCryptPasswordEncoder类加密，然后再设置到对象的password中**

![70 2][]

**UserDetailsServiceImpl.java （这是一个security远程调用service实现获取数据库user表内容的类）**

**不能使用@Autowrie 注入sellerService   而是通过配置文件中dubbo进行远程调用service**

![70 3][]

[70]: /images/20220517/846d17d0492d45a493370af7d3b4ec1b.png
[70 1]: /images/20220517/132601ed298f4644b31aad32f2b65b80.png
[70 2]: /images/20220517/e66366a159e543c89c13cd04f303d1c9.png
[70 3]: /images/20220517/d05a0a865c47444aa07005a5959ae1b7.png

使用spring-security配置数据库登录&密码加密

发表评论取消回复

还没有评论，来说两句吧...

相关阅读