catalogue
Let's start with custom jsp pages
Connect to database query user name and password
Connect to database and query data
My information is relatively backward. I only know one thing today. The following is from the official website. Whether to study or not, let's make our own choices.
Everyone understands what it means.
The Spring Security OAuth project is deprecated. The latest OAuth 2.0 support is provided by Spring Security. See the OAuth 2.0 Migration Guide for further details.
It is no longer maintained
Add: on April 15, 2020, the Spring team announced a new Spring Authorization Server project to continue to provide support for the Spring Authorization Server.
Pre knowledge
https://blog.csdn.net/wai_58934/article/details/122350502?spm=1001.2014.3001.5501Custom landing page
Let's start with custom jsp pages
thymeleaf is introduced to facilitate access to jsp
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>Configure the path prefix and suffix because I put the jsp page under templates under resources
spring.thymeleaf.prefix=classpath:/templates/ spring.thymeleaf.suffix=.jsp
Customize a controller that jumps to jsp, and you can comment out the WebViewConfig written before
@Controller
public class PageController {
@RequestMapping("/loginx")
public String login(){
return "loginx";
}
}
Give a random jsp landing page
<html>
<head>
<title>login.jsp page</title>
</head>
<body>
//This action should cooperate with the loginprocessing URL chained method under the overridden configure in the WebSecurityConfig class, as described below
<form action="login" method="post" name=form>
<font size="5">Login interface</font><br>
user name:<input type="text" value="" name="username"><br>
password:<input type="text" value="" name="password"><br>
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>configure WebSecurityConfig. The configuration is basically the same as that of the pre knowledge blog. Only the rewritten configuration is displayed
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable() //New. Turn off csrf verification. This function needs to be turned off temporarily before it can be used normally
.authorizeRequests()
.antMatchers("/q/q1").hasAuthority("a")
.antMatchers("/q/q2").hasAuthority("b")
.antMatchers("/q/**").authenticated()
.anyRequest().permitAll()
.and()
.formLogin()
.loginPage("/loginx")//Add and configure the corresponding page, that is, the jsp we wrote
.loginProcessingUrl("/login")//Add and configure the corresponding action when submitting
.successForwardUrl("/loginsuccess");
}The above statement has been very detailed and simple. There are not many things that need to be changed.
Customize the use vue page
It's a little late today. I'll write the next article
Connect to database query user name and password
Before (I), we set the user to the memory, and we would query the database during normal development
Connect to database and query data
Needless to say, I won't move here
to configure
We just need to inherit UserDetailsService and give it to the spring container. Remember to delete the person previously written in memory.
@Component
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
UserService userService;
@Override
//The parameter username here is the account passed over when you log in
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//Query by name from database
UserDao user = userService.getByName(username);
//If there is no such person, null is returned
if (user==null){
return null;
}
//Only account password authentication is mentioned here, not authorization, so it is statically written as p1
UserDetails userDetails = User.withUsername(user.getUsername()).password(user.getpassword()).authorities("p1").build();
return userDetails;
}
}You can test it yourself