package com.vismee.springmvcsecurity.security;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.provisioning.JdbcUserDetailsManager;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import javax.sql.DataSource;
@Configuration
public class SecurityConfig
{
@Bean
public UserDetailsManager userDetailsManager(DataSource dataSource)
{
JdbcUserDetailsManager manager = new JdbcUserDetailsManager(dataSource);
manager.setUsersByUsernameQuery("select user_id, pw, active from members where user_id=?");
manager.setAuthoritiesByUsernameQuery("select user_id, role from roles where user_id=?");
return manager;
}
/* Using Spring Security Db Default Schema
@Bean
public UserDetailsManager userDetailsManager(DataSource dataSource)
{
return new JdbcUserDetailsManager(dataSource);
}
*/
/* In Memory authentication
@Bean
public InMemoryUserDetailsManager userDetailsManager()
{
UserDetails john = User.builder().
username("john").
password("{noop}john123").
roles("EMPLOYEE").
build();
UserDetails mary = User.builder().
username("mary").
password("{noop}mary123").
roles("MANAGER").
build();
UserDetails susan = User.builder().
username("susan").
password("{noop}susan123").
roles("ADMIN").
build();
return new InMemoryUserDetailsManager(john,mary,susan);
}
*/
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception
{
http.
// To setup role based access
authorizeHttpRequests(configurer -> configurer.
requestMatchers("/").hasAnyRole("EMPLOYEE","MANAGER","ADMIN").
requestMatchers("/courseMaterials/**").hasAnyRole("MANAGER", "ADMIN").
requestMatchers("/courseFees/**").hasRole("ADMIN").
anyRequest().authenticated()).
// Configuring custom access denied page for forbidden access
exceptionHandling(configurer -> configurer.accessDeniedPage("/accessDenied")).
/* Referencing custom login form instead of Spring Boot default login form
/showLogin - request mapping that we need to create to show the login form
/authenticateUser - the login form should post/submit the data to this url for processing. No need to create this code.
*/
formLogin(form -> form.loginPage("/showLogin").loginProcessingUrl("/authenticateUser").permitAll()).
/*
Configuring application logout support. This will by default expose the url /logout
for logging out of the application. We need to create logout button wherever needed
as a form button so that it can post the data to Url /logout. And we dont want to create
code for /logout.
Spring Boot handles logging out of the application by
1. Invalidating user's HTTP session and session cookies
2. Sending user back to login page
3. Appending ?logout parameter in url
*/
logout(logout -> logout.permitAll());
return http.build();
}
}
没有合适的资源?快使用搜索试试~ 我知道了~
Spring MVC Security-添加自定义登录表单,显示无效凭据、基于角色的访问、自定义访问被拒绝的错误消息.zip
共21个文件
html:6个
java:5个
sql:3个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 76 浏览量
2024-01-09
14:31:13
上传
评论
收藏 76KB ZIP 举报
温馨提示
Spring MVC Security-添加自定义登录表单,显示无效凭据、基于角色的访问、自定义访问被拒绝的错误消息.zip
资源推荐
资源详情
资源评论
收起资源包目录
Spring MVC Security-添加自定义登录表单,显示无效凭据、基于角色的访问、自定义访问被拒绝的错误消息.zip (21个子文件)
SpringMVCSecurity-master
mvnw.cmd 7KB
sql-scripts
employee-directory.sql 705B
04-setup-spring-security-demo-database-plaintext.sql 1KB
05-setup-spring-security-demo-database-bcrypt.sql 1KB
pom.xml 2KB
src
test
java
com
vismee
springmvcsecurity
SpringmvcsecurityApplicationTests.java 231B
main
resources
application.properties 210B
templates
home.html 1KB
login-prettypage.html 2KB
course-material.html 453B
login-page.html 580B
access-denied.html 287B
course-fee.html 458B
java
com
vismee
springmvcsecurity
SpringmvcsecurityApplication.java 343B
security
SecurityConfig.java 4KB
controller
LoginController.java 427B
HomeController.java 507B
.mvn
wrapper
maven-wrapper.properties 233B
maven-wrapper.jar 61KB
mvnw 11KB
.gitignore 395B
1
共 21 条
- 1
资源评论
GZM888888
- 粉丝: 174
- 资源: 2927
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功