springBoot中Security的使用

springBoot中Security的使用

需要有自动装配

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {//链式编程@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/页面").hasRole("角色名1").antMatchers("/页面2").hasRole("角色名2");//没有登录就会自动跳转到登录页（自带的）//可以自定义如下：定制登录页http.formLogin().loginPage("/toLogin").usernameParameter("userName").passwordParameter("passWord").loginProcessingUrl("/login");//防止网站工具：get,posthttp.csrf().disable();//关闭csrf功能，登陆失败肯存在的原因//注销http.logout().logoutSuccessUrl("/");}//认证@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()).withUser("userName1").password(new BCryptPasswordEncoder().encode("password1")).roles("角色名1","角色名2").and().withUser("userName2").password(new BCryptPasswordEncoder().encode("password2")).roles("角色名3","角色名4");}
}