測試權限

登錄http://localhost:8080/
在這里插入圖片描述
點擊會員中心，嘗試訪問受限的頁面http://localhost:8080/home，由于未登錄，結果被強制跳轉到登錄頁面http://localhost:8080/login

2）輸入正確的用戶名和密碼(admin 和lzhonghua)之后，跳轉到之前想要訪問的/home

3）單擊登出按鈕，回到登錄頁面

項目結構

引入依賴

<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-thymeleaf</artifactId></dependency><dependency><groupId>org.thymeleaf.extras</groupId><artifactId>thymeleaf-extras-springsecurity5</artifactId></dependency>

創建權限開放的頁面

welcome.html

<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5"> <head><meta charset="UTF-8"><title>Spring Security 案例</title> </head> <body><h1>Welcome!</h1> <p><a th:href="@{/home}">會員中心</a></p> </body> </html>

創建需要權限驗證的頁面

home.html

<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"xmlns:sec="http://www.thymeleaf.org/thymeleaf-extra-springsecurity5"> <head><meta charset="UTF-8"><title>home</title> </head> <body> <p>會員中心</p> <p th:inline="text">Hello <span sec:anthentication="name"></span></p> <form th:action="@{/logout}" method="post"><input type="submit" value="登出"/> </form> </body> </html>

配置spring security

1）配置spring MVC
WebMvcConfig.java

package com.example.demo.config;import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;@Configuration public class WebMvcConfig implements WebMvcConfigurer{@Overridepublic void addViewControllers(ViewControllerRegistry registry){//設置登錄處理操作registry.addViewController("/home").setViewName("springsecurity/home");registry.addViewController("/").setViewName("springsecurity/welcome");registry.addViewController("/login").setViewName("springsecurity/login");} }

2）配置spring security
Web

package com.example.demo.config;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;@Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter{@Overrideprotected void configure(HttpSecurity http) throws Exception{http.authorizeRequests().antMatchers("/", "/welcome","/login").permitAll().anyRequest().authenticated().and().formLogin().loginPage("/login").defaultSuccessUrl("/home").and().logout().permitAll();}@Autowiredpublic void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())//指定編碼方式.withUser("admin").password("$2a$10$Q21imUyxDeshQ2tQBUfJKuBHbmuyTsZYoCMRmGi5UcOIavevauZwS").roles("USER");//密碼是lzhonghua} }

創建登錄頁面

login.html

<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5"> <head><meta charset="UTF-8"><title>Spring Security Example</title> </head> <body> <div th:if="${param.error}">無效的用戶名或密碼</div> <div th:if="${param.logout}">你已經登出</div> <form th:action="@{/login}" method="post"><div><label>用戶名：<input type="text" name="username"/></label></div><div><label>密碼：<input type="password" name="password"/></label></div><div><input type="submit",value="登錄"/></div></form> </body> </html>

踩坑：注意在IDEA中創建項目的時候注意創建web項目，第一次好像點擊錯誤，沒有點擊web，總是顯示找不到login模板。

總結

以上是生活随笔為你收集整理的用Spring Security实现后台登录及权限认证功能的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。