OAuth2 is essentially one more layer added on top of Spring Security.
1. Logging in with the built-in page
Import the security package
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-security</artifactId>
</dependency>
properties
server.port=9002
Set up the config class
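import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailService userDetailService;

    // Register the custom UserDetailService as the source of accounts
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailService);
    }
}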
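Set up the user service (UserDetailService) that validates accounts. Here loadUserByUsername simply returns a hard-coded User; you can replace this with a Redis or database lookup, depending on your needs.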
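import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Service(value = "userDetailService")
public class UserDetailService implements UserDetailsService {

    @Autowired
    private PasswordEncoder passwordEncode;

    // Demo only: the username argument is ignored and the same hard-coded user is always returned
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        System.out.println("username=" + username);
        List<GrantedAuthority> list = new ArrayList<GrantedAuthority>();
        list.add(new SimpleGrantedAuthority("ROLE_USER"));
        User auth_user = new User("test", passwordEncode.encode("123456"), list);
        return auth_user;
    }

    // static, so the encoder bean does not depend on this service being created first
    @Bean
    static PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
}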
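The hard-coded service above hands back the same account whatever username is submitted, so any name combined with the password 123456 passes authentication. The following is an added example, not code from the original post, of the lookup-based replacement the text suggests. The class name LookupUserDetailService and the in-memory map standing in for Redis or a database are assumptions, and it assumes a PasswordEncoder bean is declared in a @Configuration class and that SecurityConfiguration injects this class instead of UserDetailService.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

// Hypothetical replacement for the hard-coded UserDetailService (added example).
@Service
public class LookupUserDetailService implements UserDetailsService {

    // Stand-in for the Redis or database table: username -> stored password hash.
    private final Map<String, String> passwordHashes = new ConcurrentHashMap<>();

    // Assumes a PasswordEncoder bean is declared in a @Configuration class.
    public LookupUserDetailService(PasswordEncoder passwordEncoder) {
        // Constructed sample account. The hash is computed once, when the
        // account is stored, not again on every login attempt.
        passwordHashes.put("test", passwordEncoder.encode("123456"));
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // ConcurrentHashMap rejects null keys, so treat null as "not found".
        String hash = (username == null) ? null : passwordHashes.get(username);
        if (hash == null) {
            // Unknown account: fail instead of falling back to a default user.
            throw new UsernameNotFoundException("no such user");
        }
        // Build a fresh User on each call: Spring Security erases the credentials
        // of the authenticated principal, so a cached instance would lose its password.
        return User.withUsername(username)
                .password(hash)
                .roles("USER") // stored as the authority ROLE_USER
                .build();
    }
}
```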
Add a Controller to serve the landing page
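import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class OAuthController {

    @RequestMapping("/")
    String home(HttpServletRequest req, HttpServletResponse res) {
        return "hello world";
    }
}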
By default the built-in login page is used.
Visit http://localhost:9002/login
Enter the account from above: username test, password 123456
Login succeeds.
2. Custom login page
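import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailService userDetailService;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            // pages that need no authentication; everything else redirects to the login page by default
            .antMatchers("/", "/hello", "/login2", "/aouth").permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()                    // enable form login
            .loginPage("/login2").permitAll() // custom login page
            .failureForwardUrl("/error")    // custom error page
            // submit action, i.e. the action of the form; /login invokes
            // Spring Security's own login handling, so you do not implement it yourself
            .loginProcessingUrl("/login")
            .successForwardUrl("/hello")    // page shown after a successful login
            .and().logout()
            .permitAll();
        // System.out.println(http.toString());
    }
}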
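Front-end login page
_csrf.token is essential here. Without it, the filter in the framework source will by default set response.isCommitted() on the response to true, and the error page is returned endlessly.
isCommitted is false before any data has been written and true once the output is complete.
login.ftl goes under templates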
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
      xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
<head>
    <title>Spring Security Example </title>
</head>
<body>
<form action="login" method="post">
    <div><label> Username : <input type="text" name="username" style="width:30%;height:100px;" value="dikeboy"/> </label></div>
    <div><label> Password : <input type="password" name="password" style="width:30%;height:100px;" value="123456"/> </label></div>
    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
    <div><input type="submit" value="Log in" style="width:30%;height:100px;"/></div>
</form>
</body>
</html>
Define a Controller
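import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class WebController {

    // Landing page: renders the "index" view with a sample model
    @RequestMapping("/")
    public ModelAndView Add(HttpServletRequest request, HttpServletResponse response) {
        Map<String, String> map = new HashMap<String, String>();
        map.put("name", "zhangshan");
        map.put("link", "/login");
        ModelAndView mv = new ModelAndView();
        mv.setViewName("index");
        mv.addObject("user", map);
        return mv;
    }

    // Shown after a successful login (successForwardUrl)
    @RequestMapping("/hello")
    public String hello() {
        System.out.println("hello");
        return "hello";
    }

    // Custom login page (loginPage)
    @RequestMapping("/login2")
    public String login() {
        System.out.println("login");
        return "mlogin";
    }
}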
The other web pages are all fairly simple, so anything will do. Test:
localhost:9092
Login succeeds.