在配置类中实现相关的配置
@Overrideprotected void configure(HttpSecurity http) throws Exception {http.formLogin() //自定义自己编写的登陆页面.loginPage("/login.html") //登陆页面设置.loginProcessingUrl("/user/login") //登陆访问路径.defaultSuccessUrl("/test/index").permitAll() //登陆成功之后,跳转路径.and().authorizeRequests().antMatchers("/","/test/hello","/user/login").permitAll() //设置哪些路径可以直接访问,不需要认证.anyRequest().authenticated().and().csrf().disable(); //关闭csrf防护}
创建出相关页面,controller
- login.html
<!DOCTYPE html>
<html lang="en">
<head><meta charset="UTF-8"><title>Title</title>
</head>
<body><form action="/user/login" method="post">用户名:<input type = "text" name = "username"><br/>密码:<input type = "text" name = "password"><br/><input type = "submit" value = "login"></form></body>
</html>
特别注意,表单那两个value必须是username和password,阅读UsernamePasswordAuthenticationFilter的源码就知道为什么了!
- controller
package com.atguigu.securitydemo1.controller;import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;@RestController
@RequestMapping("/test")
public class TestController {@GetMapping("hello")public String hello(){return "hello security";}@GetMapping("index")public String index(){return "hello index";}}测试
![[SpringSecurity]web权限方案_用户授权_基于权限访问控制_基于角色访问控制_hasAuthority和hasAnyAuthority_hasRole和hasAnyRole](https://img-blog.csdnimg.cn/a33cbdc7300f406db3d3c1f2d1cc04d6.png)
![[SpringSecurity]web权限方案_用户授权_自定义403页面](https://img-blog.csdnimg.cn/de356fcc25f849f499cb0795fb29ffec.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringSecurity]web权限方案_用户注销](https://img-blog.csdnimg.cn/c8721bdab3e5436d9475d17d91f6628a.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringSecurity]web权限方案_自动登陆_原理分析和具体实现](https://img-blog.csdnimg.cn/4afe21dce03f4de5ac0c38c9c14c10ba.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringSecurity]web权限方案_CSRF功能](https://img-blog.csdnimg.cn/36caa09cce154063a5c072a00fed4339.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringSecurity]web权限方案_用户授权_注解使用](https://img-blog.csdnimg.cn/32341ac397d14b638299cd02e60abedc.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringBoot2]@MatrixVariableUrlPathHelper](https://img-blog.csdnimg.cn/b012cf636a8d470b9e5ab1424fcb2e60.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringBoot2]Thymeleaf](https://img-blog.csdnimg.cn/30dce7aed2994f4390a5bf617f1875da.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBA5ZSQ54Gr,size_20,color_FFFFFF,t_70,g_se,x_16)
![[SpringBoot2]拦截器](https://img-blog.csdnimg.cn/e61d740673514394b841f789e649de71.png)
![[SpringBoot2]错误处理_默认规则](https://img-blog.csdnimg.cn/db2aeb4dbdca4c3d88def95d203a4dd2.png)