Programming VIP

1: Project background: after fishing, I'm going to write a project to consolidate myself. There are some cd problems in the process of code project. You may have encountered them. Share my summary again. I want to use spring cloud + vue to write a front and back-end separated project. Because I haven't learned vue yet, hahaha, hahaha, so I make ...

scene Take over an old project: Start with POM xml ...slightly <dependency> <groupId>org.springframework</groupId> <artifactId>spring-webmvc</artifactId> <version>4.2.4.RELEASE</version> </dependency> <dependency> <groupId>org.springframework</groupId> ...

Integrating spring security, spring boot and redis, jwt realizes the function of separate login authentication and picture verification code at the front and back ends First, we need to understand the general implementation process of the spring security filter chain: That is, when a user initiates a request, he will enter the Security filter ...

Original Address Starting with ThreadLocal, ThreadLocal can be understood as a Map bound to the current thread, where key is the current thread and value is the object to store. When we are in the same thread, we can get the value through the get() method. If get () is called on the A thread set(object) and then on the B thread, the key is A b ...

The object of Spring Security authentication and authorization is the user. The user mentioned here can be defined in the configuration file, stored in the database table, or automatically created by Spring Security (Spring Security will automatically create the user when there is no user or user source related configuration), Spring Security u ...

PasswordEncoder is an interface provided by Spring Security. It is called password parser. This interface is mainly used to process passwords. The source code is as follows: public interface PasswordEncoder { /** * Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or * greater hash combined with an 8-byte or g ...

CSRF (Cross-site request forgery), Chinese name: Cross-site request forgery, also known as one click attack/session riding, abbreviated as CSRF/XSRF. You can understand CSRF attacks as follows: an attacker steals your identity and sends malicious requests on your behalf. CSRF can do things like send mail on your behalf, send messages, steal yo ...

Implement AbstractAuthenticationToken custom authentication object In the spring security Authentication process, the core object is Authentication, which is used to store various basic information of the subject (such as user name, password, Department, etc.) and Authentication information of the subject (such as interface permission). ...

For space reasons, please refer to this article to realize the login function first https://blog.csdn.net/grd_java/article/details/121925792 1, Database tables, and entity classes Because the front end is written by VUE, components and paths need to be saved sql statements for all libraries 2, Menu management TODO fi ...

spring security authentication source code tracking ​ Before tracking the authentication source code, let's explain the internal principle of security according to the official website, mainly based on a series of filter s. You can https://docs.spring.io/spring-security/site/docs/5.5.3/reference/html5/#servlet-hello, check the relevant docum ...