SPRING BOOT SECURITY权限管理集成CAS单点登录

Spring boot集成Spring security
本篇是使用spring security集成cas,因此,先得集成spring security
新建一个Spring boot项目,加入maven依赖,我这里用的架构是Spring boot2.0.4+Spring mvc+Spring data jpa+Spring security5
pom.xml:


<?xml version="1.0" encoding="UTF-8"?>
<!--
  Build descriptor for the CAS-client demo: Spring Boot 2.0.4 (web, Thymeleaf, JPA/JDBC on MySQL
  through Druid) plus Spring Security 5. Versions come from the Boot parent unless a dependency
  pins one explicitly; every explicit pin is commented on below.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.cas.client1</groupId>
    <artifactId>cas-client1</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>jar</packaging>

    <name>cas-client1</name>
    <description>Demo project for Spring Boot</description>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.4.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>1.8</java.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>

        <!-- 'provided' keeps the embedded Tomcat off the runtime classpath of a deployed artifact;
             the usual setup for a project that may also be dropped into an external container. -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <scope>provided</scope>
        </dependency>
        <!-- Explicit 4.12 pin; spring-boot-starter-test below already brings JUnit in with the
             parent-managed version, so this entry is redundant (harmless as long as both agree). -->
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.12</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
        <!-- security taglibs -->
        <!-- JSP tag library; the views on this page are Thymeleaf templates, so this is presumably
             unused and can be removed if no JSP is added. -->
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-taglibs</artifactId>
        </dependency>
        <!-- NOTE(review): "RELEASE" is a Maven meta-version, not a version: it resolves to whatever
             the newest release is at build time, so two builds of the same commit can ship different
             code and a newly published artifact enters the build without review. Pin an explicit
             version. Nothing on this page uses OAuth2, so the dependency may be unnecessary. -->
        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
            <version>RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>
        <!-- Explicit pins (5.1.46 / 1.1.10): revisit these together with the parent version when
             upgrading, since they are not refreshed by a parent bump. -->
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>5.1.46</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/com.alibaba/druid-spring-boot-starter -->
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>druid-spring-boot-starter</artifactId>
            <version>1.1.10</version>
        </dependency>
        <!-- NOTE(review): pins spring-boot to 2.0.2.RELEASE while the parent is 2.0.4.RELEASE, so
             the core Boot jar is two patch levels behind every starter in this build. The parent
             already manages this artifact; drop the <version> (and the redundant compile scope)
             so all Boot modules resolve to the same version. -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot</artifactId>
            <version>2.0.2.RELEASE</version>
            <scope>compile</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>


</project>


application.properties:


server.port=8083
# Location of static files
spring.resources.static-locations=classpath:/html/
# Thymeleaf template location
spring.thymeleaf.prefix=classpath:/html/
spring.thymeleaf.suffix=.html
spring.thymeleaf.mode=LEGACYHTML5
spring.thymeleaf.encoding=UTF-8

# JDBC configuration (the driver class is detected from the mysql URL, the data source type is detected automatically)
# or spring.datasource.url=
spring.datasource.druid.url=jdbc:mysql://localhost:3306/vhr?useUnicode=true&characterEncoding=UTF8
# or spring.datasource.username=
# NOTE(review): the application connects as the MySQL superuser. Combined with ddl-auto=update
# below, the web application can rewrite any schema on the server; a dedicated account limited to
# the vhr schema is the usual choice.
spring.datasource.druid.username=root
# or spring.datasource.password=
# NOTE(review): a literal database password in a file that is checked in and published. Keep the
# credential out of the repository (e.g. spring.datasource.druid.password=${DB_PASSWORD} resolved
# from the environment) and rotate any value that has already been committed.
spring.datasource.druid.password=1234
# or spring.datasource.driver-class-name=
#spring.datasource.druid.driver-class-name=com.mysql.jdbc.Driver

# Connection pool settings (usually only initialSize, minIdle and maxActive need changing.
# For Oracle set poolPreparedStatements to true; for MySQL it can be false. For databases with many shards/tables, false is recommended. removeAbandoned is not recommended in production. For SQL Server, extra configuration is recommended)
spring.datasource.druid.initial-size=1
spring.datasource.druid.max-active=20
spring.datasource.druid.min-idle=1
# Maximum time to wait for a connection from the pool
spring.datasource.druid.max-wait=60000
# Enable PSCache and set its size per connection
spring.datasource.druid.pool-prepared-statements=true
spring.datasource.druid.max-pool-prepared-statement-per-connection-size=20
#spring.datasource.druid.max-open-prepared-statements= (equivalent to the setting above)
spring.datasource.druid.validation-query=SELECT 'x'
#spring.datasource.druid.validation-query-timeout=
spring.datasource.druid.test-on-borrow=false
spring.datasource.druid.test-on-return=false
spring.datasource.druid.test-while-idle=true
# Interval between checks for idle connections that should be closed, in milliseconds
spring.datasource.druid.time-between-eviction-runs-millis=60000
# Minimum time a connection stays in the pool, in milliseconds
spring.datasource.druid.min-evictable-idle-time-millis=300000
#spring.datasource.druid.max-evictable-idle-time-millis=
# Several filters are separated by commas
#spring.datasource.druid.filters= stat

# WebStatFilter configuration, see the Druid wiki page 配置_配置WebStatFilter
# Whether StatFilter is enabled, default true
spring.datasource.druid.web-stat-filter.enabled=true
spring.datasource.druid.web-stat-filter.url-pattern=/*
spring.datasource.druid.web-stat-filter.exclusions=*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*
spring.datasource.druid.web-stat-filter.session-stat-enable=false
spring.datasource.druid.web-stat-filter.session-stat-max-count=1000
spring.datasource.druid.web-stat-filter.principal-session-name=admin
spring.datasource.druid.web-stat-filter.principal-cookie-name=admin
spring.datasource.druid.web-stat-filter.profile-enable=true

# StatViewServlet configuration
# Exposes Druid statistics: 1. an HTML page showing monitoring data 2. a JSON API for the same data
# Whether StatViewServlet is enabled, default true
# NOTE(review): nothing here restricts who may open /druid/* — no allow/deny list and no
# login-username/login-password are set — so the pool, SQL and URI statistics are readable by anyone
# who can reach the application unless the Spring Security configuration (not on this page)
# protects that path. Disable the servlet outside development, or set the stat-view-servlet
# allow/login properties.
spring.datasource.druid.stat-view-servlet.enabled=true
spring.datasource.druid.stat-view-servlet.url-pattern=/druid/*


# JPA config
spring.jpa.database=mysql
# NOTE(review): Hibernate alters the live schema from the entity classes on every start. Fine for
# the demo; for production use validate/none with a migration tool so schema changes are reviewed.
spring.jpa.hibernate.ddl-auto=update
# Prints every SQL statement to stdout (bind parameters shown as '?'); development only.
spring.jpa.show-sql=true
spring.jpa.generate-ddl=true
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
spring.jpa.open-in-view=true
# Works around the JPA "no session" error on lazy loading
# NOTE(review): this opens a temporary session for every lazy collection touched outside a
# transaction; together with open-in-view it hides N+1 loading rather than fixing it (relevant to
# User.getAuthorities(), which walks roles and then resources lazily).
spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true


 

这里使用数据库存储角色权限信息,分三种实体:用户;角色;资源;用户对角色多对多;角色对资源多对多
创建几个实体类:
用户:这里直接使用用户持久化对象实现Spring security要求的UserDetails接口,并实现对应方法


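package com.cas.client1.entity;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.CollectionUtils;

import javax.persistence.*;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

/**
 * Persistent user account (table {@code s_user}) that is also the Spring Security
 * {@link UserDetails} principal.
 *
 * <p>Authorities are derived from the user's roles: every {@code res_code} reachable through
 * {@code roles -> resources} becomes a {@link SimpleGrantedAuthority}, and
 * {@link #DEFAULT_AUTHORITY} is added unconditionally, so an account with no roles at all still
 * holds whatever URL pattern the security metadata source maps to that authority.
 *
 * <p>Account-state flags (enabled, locked, expired) are not persisted; the corresponding
 * {@code UserDetails} methods always report the account as usable.
 *
 * <p>Fix over the original listing: {@code SimpleGrantedAuthority} was used without being
 * imported, so the class did not compile as shown.
 */
@Entity
@Table(name = "s_user")
public class User implements UserDetails {

    /** Authority granted to every user in addition to the role-derived ones. */
    public static final String DEFAULT_AUTHORITY = "AUTH_0";

    @Id
    private String id;
    /** No {@code unique = true} here, so the schema does not enforce unique user names. */
    @Column(name = "username")
    private String username;
    /**
     * Stored credential. It must already be in the form the configured {@code PasswordEncoder}
     * expects; the encoder is not part of this listing.
     */
    @Column(name = "password")
    private String password;

    /** Roles assigned to this user; owning side of the {@code s_user_role} join table. */
    @ManyToMany(fetch = FetchType.LAZY)
    @JoinTable(
            name = "s_user_role",
            joinColumns = @JoinColumn(name = "user_id"),
            inverseJoinColumns = @JoinColumn(name = "role_id")
    )
    private List<Role> roles;

    /**
     * Lazily filled cache behind {@link #getAuthorities()}; transient so JPA ignores it. Once
     * filled it is never refreshed, so a {@code setRoles} call after the first
     * {@code getAuthorities} call is not reflected (unchanged from the original behaviour).
     */
    @Transient
    private final List<GrantedAuthority> grantedAuthorities = new ArrayList<>();

    public User() {
    }

    public User(String id, String username, String password) {
        this.id = id;
        this.username = username;
        this.password = password;
    }

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public List<Role> getRoles() {
        return roles;
    }

    public void setRoles(List<Role> roles) {
        this.roles = roles;
    }

    @Override
    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    @Override
    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    /** Always {@code true}: no expiry date is stored for accounts. */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /** Always {@code true}: no lock state is stored, so an account can never be locked out. */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /** Always {@code true}: credentials never expire. */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /** Always {@code true}: there is no enabled flag, so an account cannot be disabled without deleting it. */
    @Override
    public boolean isEnabled() {
        return true;
    }

    /**
     * Returns the authorities of this user, computing them on first use.
     *
     * @return a read-only view of the cached authorities: one per {@code res_code} reachable through
     *         the user's roles, plus {@link #DEFAULT_AUTHORITY}
     * @throws IllegalArgumentException if a reachable resource has a null or empty {@code res_code},
     *         which {@link SimpleGrantedAuthority} rejects
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        if (grantedAuthorities.isEmpty()) {
            if (!CollectionUtils.isEmpty(roles)) {
                for (Role role : roles) {
                    List<Resource> resources = role.getResources();
                    if (CollectionUtils.isEmpty(resources)) {
                        continue;
                    }
                    for (Resource resource : resources) {
                        grantedAuthorities.add(new SimpleGrantedAuthority(resource.getResCode()));
                    }
                }
            }
            // Granted to everyone, roles or not: this is what makes the "/**" mapping reachable
            // for any logged-in user once the metadata source associates AUTH_0 with it.
            grantedAuthorities.add(new SimpleGrantedAuthority(DEFAULT_AUTHORITY));
        }
        // The original returned the mutable cache itself, so any caller holding the principal
        // could add authorities to it. Hand out a read-only view instead.
        return Collections.unmodifiableList(grantedAuthorities);
    }
}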


注意看这里:

我给每一位登录的用户都授予了AUTH_0的权限,AUTH_0在下面的SecurityMetaDataSource里被关联的url为:/**,也就是说除开那些机密程度更高的,这个登录用户能访问所有资源

角色:


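package com.cas.client1.entity;

import javax.persistence.*;
import java.util.List;

/**
 * Role (table {@code s_role}): groups {@link Resource}s and is assigned to {@link User}s.
 *
 * <p>{@code s_role_res} is owned by this class; {@code s_user_role} is owned by
 * {@code User.roles} and only mirrored from this side.
 *
 * @author Administrator
 */
@Entity
@Table(name = "s_role")
public class Role {
    @Id
    @Column(name = "id")
    private String id;
    @Column(name = "role_name")
    private String roleName;

    /** Resources this role may access; owning side of {@code s_role_res}. */
    @ManyToMany(fetch = FetchType.LAZY)
    @JoinTable(
            name = "s_role_res",
            joinColumns = @JoinColumn(name = "role_id"),
            inverseJoinColumns = @JoinColumn(name = "res_id")
    )
    private List<Resource> resources;

    /**
     * Users holding this role. Inverse side of {@code s_user_role}: the join table is declared on
     * {@code User.roles}, so this collection is read-only for persistence — adding a user here
     * without also adding the role to {@code user.getRoles()} is not written to the database.
     * The original listing declared a second {@code @JoinTable} over the same table here, giving
     * the association two owning sides, which JPA does not allow and which lets the two
     * collections write conflicting rows.
     */
    @ManyToMany(mappedBy = "roles", fetch = FetchType.LAZY)
    private List<User> users;

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getRoleName() {
        return roleName;
    }

    public void setRoleName(String roleName) {
        this.roleName = roleName;
    }

    public List<Resource> getResources() {
        return resources;
    }

    public void setResources(List<Resource> resources) {
        this.resources = resources;
    }

    public List<User> getUsers() {
        return users;
    }

    public void setUsers(List<User> users) {
        this.users = users;
    }
}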


权限:


package com.cas.client1.entity;

import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;

/**
 * Protected resource (table {@code s_resource}): an authority code paired with a URL pattern.
 *
 * <p>{@code resCode} is the string that becomes a {@code GrantedAuthority} for every user whose
 * role includes this resource (see {@code User.getAuthorities()}); per the article, {@code url} is
 * the pattern the security metadata source associates with that code.
 *
 * <p>Field order is left as is: with {@code ddl-auto=update} the generated columns follow it.
 */
@Entity
@Table(name = "s_resource")
public class Resource {
    @Id
    @Column(name = "id")
    private String id;
    /** Name of the resource ({@code res_name}). */
    @Column(name = "res_name")
    private String resName;
    /** Authority code, e.g. the {@code AUTH_0} the article grants to every user. */
    @Column(name = "res_code")
    private String resCode;
    /** URL pattern the code applies to. */
    @Column(name = "url")
    private String url;
    /**
     * Sort key used by {@code ResourceDao.getAllResource()} ({@code order by priority}). Stored as
     * a String, so the order is lexicographic: "10" sorts before "2". Zero-pad the values if
     * numeric ordering is intended.
     */
    @Column(name = "priority")
    private String priority;

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getResName() {
        return resName;
    }

    public void setResName(String resName) {
        this.resName = resName;
    }

    public String getResCode() {
        return resCode;
    }

    public void setResCode(String resCode) {
        this.resCode = resCode;
    }

    public String getUrl() {
        return url;
    }

    public void setUrl(String url) {
        this.url = url;
    }

    public String getPriority() {
        return priority;
    }

    public void setPriority(String priority) {
        this.priority = priority;
    }
}


建立几个DAO
UserDao:


package com.cas.client1.dao;

import com.cas.client1.entity.User;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;

import java.util.List;

/**
 * Spring Data repository for {@link User}. Queries are derived from the method names or given as
 * JPQL; arguments are bound as parameters, never concatenated into the query.
 */
@Repository
public interface UserDao extends JpaRepository<User,String> {
    /** Redeclared only to narrow the return type to {@code List}; same query as the inherited method. */
    @Override
    List<User> findAll();

    /**
     * Exact match on {@code username}. Returns a list because the entity declares no unique
     * constraint on the column, so duplicates are possible at the database level; a
     * {@code UserDetailsService} built on this must decide what to do with more than one hit.
     *
     * @param username user name to match exactly
     * @return matching users, empty if none
     */
    List<User> findByUsername(String username);

    /**
     * Like query on the user name ({@code like %username%}).
     * NOTE(review): the argument is bound as a parameter, but {@code %} and {@code _} inside it act
     * as LIKE wildcards unless the Spring Data JPA version in use escapes them — confirm before
     * exposing this to user-supplied input.
     *
     * @param username fragment to search for
     * @return matching users, empty if none
     */
    List<User> getUserByUsernameContains(String username);

    /**
     * Loads one user by primary key; presumably equivalent to {@code findById(id).orElse(null)}.
     *
     * @param id primary key
     * @return the user, or {@code null} if absent
     */
    @Query("from User where id=:id")
    User getUserById(@Param("id") String id);

}


 ResourceDao:


package com.cas.client1.dao;

import com.cas.client1.entity.Resource;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;

import java.util.List;

/**
 * Spring Data repository for {@link Resource}.
 *
 * @author Administrator
 */
@Repository
public interface ResourceDao extends JpaRepository<Resource,String> {

    /**
     * All resources ordered by {@code priority}. {@code Resource.priority} is a String column, so
     * the order is lexicographic ("10" before "2"); if the security metadata source relies on this
     * order to try more specific patterns first, the stored values must be chosen with that in mind.
     *
     * @return every resource, ordered by {@code priority}; empty if the table is empty
     */
    @Query("from Resource order by priority")
    List<Resource> getAllResource();
}


 



转载自blog.51cto.com/13882008/2165599