使用spring-security配置数据库登录&密码加密 我不是女神ヾ 2022-05-17 03:05 140阅读 0赞 直接上代码security.xml <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:dubbo="http://code.alibabatech.com/schema/dubbo" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://code.alibabatech.com/schema/dubbo http://code.alibabatech.com/schema/dubbo/dubbo.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <!-- 设置页面不登陆也可以访问 --> <http pattern="/*.html" security="none"></http> <http pattern="/css/**" security="none"></http> <http pattern="/img/**" security="none"></http> <http pattern="/js/**" security="none"></http> <http pattern="/plugins/**" security="none"></http> <http pattern="/seller/add.do" security="none"></http> <!-- 页面的拦截规则 use-expressions:是否启动SPEL表达式 默认是true --> <http use-expressions="false"> <!-- 当前用户必须有ROLE_USER的角色 才可以访问根目录及所属子目录的资源 --> <intercept-url pattern="/**" access="ROLE_SELLER"/> <!-- 开启表单登陆功能 --> <form-login login-page="/shoplogin.html" default-target-url="/admin/index.html" authentication-failure-url="/shoplogin.html" always-use-default-target="true"/> <csrf disabled="true"/> <!-- 允许使用内置框架页面 --> <headers> <frame-options policy="SAMEORIGIN"/> </headers> <logout/> </http> <!-- 认证管理器 --> <authentication-manager> <authentication-provider user-service-ref="UserDetailsService"> <password-encoder ref="bcryptEncoder"></password-encoder> </authentication-provider> </authentication-manager> <beans:bean id="UserDetailsService" class="com.pinyougou.service.UserDetailsServiceImpl"> <beans:property name="sellerService" ref="sellerService"></beans:property> </beans:bean> <!-- 引用dubbo 服务 --> <dubbo:application name="pinyougou-shop-web" /> <dubbo:registry address="zookeeper://192.168.3.101:2181"/> <dubbo:reference id="sellerService" interface="com.pinyougou.sellergoods.service.SellerService"></dubbo:reference> <beans:bean id="bcryptEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></beans:bean> </beans:beans> 需要注意的是: ![70][] ![70 1][] ** java方法加密过程!!** **先把不加密的密码取出,在通过BCryptPasswordEncoder类加密,然后再设置到对象的password中** ![70 2][] **UserDetailsServiceImpl.java (这是一个security远程调用service实现获取数据库user表内容的类)** **不能使用@Autowrie 注入sellerService 而是通过配置文件中dubbo进行远程调用service** ![70 3][] [70]: /images/20220517/846d17d0492d45a493370af7d3b4ec1b.png [70 1]: /images/20220517/132601ed298f4644b31aad32f2b65b80.png [70 2]: /images/20220517/e66366a159e543c89c13cd04f303d1c9.png [70 3]: /images/20220517/d05a0a865c47444aa07005a5959ae1b7.png
还没有评论,来说两句吧...