整体结构===》》》
1,springboot2.0整合springSecurity5.1.1
2,mysql--->>InnoDB
3,持久层我用的是用MybatiysPlus(这里就不写关于这个的了,基本是查)
4,web服务不是jar服务
5,数据库表=》账户表/角色表/权限表/账户角色关联表/角色权限关联表
6,需要说一下的是角色表,给框架返回的角色码需要以ROLE_开头,
例如;
实现功能:
spring boot整合security
1,基于内存账户登陆
2,自定义数据库账户角色权限登陆
3,结合security推荐加密账户密码
4,自定义捕获无权限访问异常信息
5,控制session会话并捕获超时异常
二:===================================================
去年写过关于这两个框架的东西,但现在回头看以前写的纯粹是废纸一张,不知道有没有误人子弟;
========================pom.xml==========================
<====================application.yml=========================
#action YAML配置式
logging:level:org.springframework: INFOcom.example: DEBUG
#服务端口
server:port: 8080servlet:session:#spring boot升级后必须要加时间标识秒timeout:10s
spring: datasource: url: jdbc:mysql://127.0.0.1:3306/databaseName?useUnicode=true&characterEncoding=UTF-8&useSSL=falseusername: rootpassword: 172575 driverClassName : com.mysql.jdbc.Driverthymeleaf:prefix : classpath:/templates/ #扫描文件路径suffix : .html #文件格式cache : false #关闭缓存encoding: UTF-8 #编码格式#content-type:text/html #加载网页内容 mode: HTML5
mybatis:mapperlocations : classpath:mapper/*.xmltypealiasespackage : springSecurity.enity===================Application.java==========================
package ===================SecurityConfig.java========================
package ========================SecurityService=====================
package ========================ExceptionSecurity.java=================
package ========================WebContorller.java===================
package springSecurity;import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import springSecurity.dto.SysRole;
import springSecurity.dto.SysUser;
import springSecurity.service.SysRoleService;
import springSecurity.service.SysUseraccount;/*** @author Administrator zpy 20181110*/
@Controller
public class WebContorller {private static Logger logger = LoggerFactory.getLogger(WebContorller.class);@AutowiredSysUseraccount sysUserService;@AutowiredSysRoleService sysRoleService;// 默认转向登陆@RequestMapping("/")public String loading() {return "login";}// login action@RequestMapping(value = "/login")public String userLogin() {return "login";}// 进入主菜单@RequestMapping(value = "/index")public String index() {return "index";}//权限不足拒绝页面@RequestMapping("/403")public String Noloading() {return "403";}//session超时去往超时页面@RequestMapping("timeOut")public String timeOut() {return "timeOut";}}HTML页面不太会写,可以自己写几个简单的html对应contorller的跳转地址就成;
结语:
那几个不太重要的service就不写了,基本就是根据账号查账户表信息,然后根据账户表的编号查角色账户关联表,得到角色信息,然后根据角色信息返回给扽路账户进行正常访问请求;
启动以后,直接访问htp://127.0.0.1:8080即可
