
@EnableGlobalMethodSecurity方法注解权限控制

自由的美人鱼 2022-03-30 阅读 39

案例


引入依赖

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.zzhua</groupId>
    <artifactId>demo-security-anno</artifactId>
    <version>1.0-SNAPSHOT</version>

    <packaging>war</packaging>

    <dependencies>
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>javax.servlet-api</artifactId>
            <version>3.1.0</version>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>jsp-api</artifactId>
            <version>2.0</version>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-web</artifactId>
            <version>5.0.2.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>5.0.2.RELEASE</version>
        </dependency>

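        <!-- Spring Security integration.
             NOTE(review): spring-web / spring-webmvc above are pinned to 5.0.2.RELEASE, while
             spring-jdbc and the spring-security artifacts below are 5.1.4.RELEASE. Keep all
             org.springframework modules on one version line, and check the current security
             advisories for these dated releases before reusing them outside a demo. -->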
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
            <version>5.1.4.RELEASE</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
            <version>5.1.4.RELEASE</version>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-jdbc</artifactId>
            <version>5.1.4.RELEASE</version>
        </dependency>

        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>5.1.47</version>
        </dependency>

        <!--<dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <version>1.18.16</version>
        </dependency>
-->
    </dependencies>

    <build>
        <finalName>demo-spring-security</finalName>
        <pluginManagement>
            <plugins>
                <plugin>
                    <groupId>org.apache.tomcat.maven</groupId>
                    <artifactId>tomcat7-maven-plugin</artifactId>
                    <version>2.2</version>
                    <configuration>
                        <!-- 配置端口 -->
                        <port>8080</port>
                        <!-- 配置urlencoding -->
                        <uriEncoding>UTF-8</uriEncoding>
                        <!-- 配置项目的访问路径 -->
                        <path>/</path>
                    </configuration>
                </plugin>
                <plugin>
                    <groupId>org.apache.maven.plugins</groupId>
                    <artifactId>maven-compiler-plugin</artifactId>
                    <configuration>
                        <source>1.8</source>
                        <target>1.8</target>
                    </configuration>
                </plugin>
                <!-- <plugin>
                     <artifactId>maven-resources-plugin</artifactId>
                     <configuration>
                         <encoding>utf-8</encoding>
                         <useDefaultDelimiters>true</useDefaultDelimiters>
                         <resources>
                             <resource>
                                 <directory>src/main/resources</directory>
                                 <filtering>true</filtering>
                                 <includes>
                                     <include>**/*</include>
                                 </includes>
                             </resource>
                             <resource>
                                 <directory>src/main/java</directory>
                                 <includes>
                                     <include>**/*.xml</include>
                                 </includes>
                             </resource>
                         </resources>
                     </configuration>
                 </plugin>-->
            </plugins>
        </pluginManagement>
    </build>

</project>


webapp文件下

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1">

    <context-param>
        <param-name>contextClass</param-name>
        <param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
    </context-param>
    <!-- 使用spring 监听器 -->
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
    <!-- Spring核心配置文件 -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>com.zzhua.config.AppConfig</param-value>
    </context-param>

    <!-- 配置SpringMVC -->
    <servlet>
        <servlet-name>springMvc</servlet-name>
        <servlet-class>com.zzhua.config.CustomizeDispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>com.zzhua.config.MyWebConfig</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>springMvc</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

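    <!-- Delegating filter: hands every request matched by /* to the Spring bean named
         springSecurityFilterChain, so the HttpSecurity rules run before any servlet or
         static resource is reached. -->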
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

</web-app>

index.jsp

<%--
  Created by IntelliJ IDEA.
  User: zzhua195
  Date: 2022/3/27
  Time: 16:24
  To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
    欢迎来到index.jsp
</body>
</html>

配置

AppConfig

/**
 * Root application context configuration.
 *
 * <p>web.xml names this class in the {@code contextConfigLocation} context-param, so it is
 * loaded by {@code ContextLoaderListener} into the root context.
 *
 * <p>NOTE(review): the scan root {@code com.zzhua} also covers {@code com.zzhua.controller}
 * and {@code com.zzhua.config}, so the controllers and {@code MyWebConfig} look like they are
 * registered here as well as in the DispatcherServlet context. Method security only advises
 * beans in a context where it is enabled, so confirm which context actually serves the
 * controllers before relying on {@code @PreAuthorize}.
 */
@Configuration
@ComponentScan(basePackages = "com.zzhua")
public class AppConfig {
}

CustomizeDispatcherServlet

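/**
 * DispatcherServlet that always creates an annotation-based web application context.
 *
 * <p>web.xml passes a configuration class name (not an XML file) as this servlet's
 * {@code contextConfigLocation}, and sets no {@code contextClass} init-param for it;
 * overriding {@link #getContextClass()} is what makes that class name usable.
 */
public class CustomizeDispatcherServlet extends DispatcherServlet {

    /**
     * Selects the context implementation used for this servlet's own context.
     *
     * @return {@code AnnotationConfigWebApplicationContext.class}, unconditionally
     */
    @Override // lets the compiler verify this really overrides the framework method
    public Class<?> getContextClass() {
        return AnnotationConfigWebApplicationContext.class;
    }
}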

MyWebConfig

/**
 * Spring MVC (DispatcherServlet context) configuration.
 *
 * <p>{@code @EnableGlobalMethodSecurity(prePostEnabled = true)} switches on
 * {@code @PreAuthorize} / {@code @PostAuthorize} processing. It is declared on the same
 * configuration that scans {@code com.zzhua.controller}, so the controller beans created in
 * this context are the ones that get advised.
 *
 * <p>The component scan skips classes annotated with {@code @Service}.
 */
@Configuration
@EnableWebMvc
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ComponentScan(
        basePackages = "com.zzhua.controller",
        excludeFilters = @ComponentScan.Filter(type = FilterType.ANNOTATION, classes = Service.class))
public class MyWebConfig implements WebMvcConfigurer {

    /**
     * Enables static resource access through the container's default servlet.
     *
     * <p>Those requests still pass through {@code springSecurityFilterChain} (mapped to
     * {@code /*} in web.xml), so with the HttpSecurity rules shown on this page static files
     * also require an authenticated session.
     */
    @Override
    public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
        configurer.enable();
    }

    /**
     * Resolves logical view names to JSPs under {@code /WEB-INF/view/}.
     *
     * <p>Keeping the JSPs below {@code /WEB-INF/} means clients cannot request them directly;
     * they are only rendered after a controller has returned the view name.
     *
     * @return resolver mapping {@code name} to {@code /WEB-INF/view/name.jsp}
     */
    @Bean
    public ViewResolver viewResolver() {
        return new InternalResourceViewResolver("/WEB-INF/view/", ".jsp");
    }

}

MySecurityConfig

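/**
 * Web security configuration for the demo: form login, two in-memory users, BCrypt password
 * hashing and a deny-everything {@link PermissionEvaluator}.
 *
 * <p>Everything here is demo-grade. The user names and passwords are hard-coded literals and
 * must not be carried into a real deployment.
 */
@Configuration
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Exposes the adapter's AuthenticationManager as a bean.
     *
     * @return the AuthenticationManager built by {@link WebSecurityConfigurerAdapter}
     * @throws Exception if the parent fails to build it
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Requires authentication for every request and enables form login.
     *
     * <p>Because {@code anyRequest().authenticated()} is enforced in the filter chain, an
     * anonymous request is stopped before any controller method runs. Method-level
     * expressions such as {@code permitAll()} or {@code isAnonymous()} therefore cannot open
     * an endpoint to unauthenticated callers under this configuration.
     *
     * @param http the HttpSecurity builder to configure
     * @throws Exception if configuration fails
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated();
        http.formLogin().successHandler((request, response, authentication) -> {
            // The body is a plain-text message ("login succeeded"), not a JSON document, so
            // declare it as text; labelling it application/json makes JSON clients fail to
            // parse it. "UTF-8" is the registered charset name.
            response.setContentType("text/plain;charset=UTF-8");
            response.getWriter().write("登录成功");
        });
    }

    /**
     * Registers the two demo users.
     *
     * <p>{@code hasRole('admin')} checks for the authority {@code ROLE_admin} (the default
     * role prefix is {@code ROLE_}), which is why both a plain authority ({@code r1},
     * {@code r2}) and a {@code ROLE_}-prefixed one are granted to each user.
     *
     * @param auth builder for the in-memory user store
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Demo credentials only: the plaintext passwords live in source and are hashed with
        // BCrypt when the context starts.
        auth.inMemoryAuthentication()
                .withUser("zhangsan")
                .password(passwordEncoder().encode("123"))
                .authorities("r1","ROLE_admin")

                .and()
                .withUser("lisi")
                .password(passwordEncoder().encode("456"))
                .authorities("r2","ROLE_guest")
        ;
    }

    /**
     * @return the BCrypt encoder used to hash and verify the demo passwords
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Evaluator behind {@code hasPermission(...)} expressions.
     *
     * <p>Both overloads print their arguments and return {@code false}, so every
     * {@code hasPermission(...)} check denies (fail closed). A real implementation should
     * decide from server-side state, not from fields of a request-bound target object.
     *
     * <p>NOTE(review): the {@code System.out} tracing is for the demo only. The
     * Authentication's string form typically includes the principal, its authorities and
     * request details, so route this through a logger at debug level or drop it before
     * production use.
     *
     * @return a PermissionEvaluator that traces its inputs and always denies
     */
    @Bean
    public PermissionEvaluator permissionEvaluator() {
        return new PermissionEvaluator(){
            // Used for hasPermission(target, permission).
            @Override
            public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
                System.out.println(authentication);
                System.out.println(targetDomainObject);
                System.out.println(permission);
                return false;
            }

            // Used for hasPermission(targetId, targetType, permission).
            @Override
            public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
                System.out.println(authentication);
                System.out.println(targetId);
                System.out.println(targetType);
                System.out.println(permission);
                return false;
            }
        };
    }

}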

PermChecker

/**
 * Custom permission-check bean.
 *
 * <p>NOTE(review): nothing on this page references this bean. The signature looks like it is
 * meant for a web access expression that passes the current authentication and request;
 * confirm where it is wired in.
 */
@Component
public class PermChecker {

    /**
     * Traces both arguments to stdout and denies.
     *
     * @param authentication the caller's authentication
     * @param request        the current HTTP request
     * @return always {@code false} (fail closed)
     */
    public boolean checkPerm(Authentication authentication, HttpServletRequest request){
        // Demo tracing only; avoid dumping authentication and request objects to stdout in
        // production.
        System.out.println(authentication);
        System.out.println(request);
        final boolean allowed = false;
        return allowed;
    }

}

controller

IndexController

/**
 * Serves the index page.
 *
 * <p>There is no method-security annotation here; access is governed only by the
 * {@code anyRequest().authenticated()} rule in {@code MySecurityConfig}.
 */
@Controller
public class IndexController {

    /** Logical view name; the view resolver maps it to /WEB-INF/view/index.jsp. */
    private static final String INDEX_VIEW = "index";

    /**
     * @return the logical name of the index view
     */
    @RequestMapping(path = "index")
    public String index() {
        return INDEX_VIEW;
    }

}

RController

/**
 * Demo endpoints, one per {@code @PreAuthorize} / {@code @PostAuthorize} expression form.
 *
 * <p>Reading notes for anyone reusing these patterns:
 * <ul>
 *   <li>Method security runs after the web filter chain. With the
 *       {@code anyRequest().authenticated()} rule from {@code MySecurityConfig}, anonymous
 *       callers never reach these methods, whatever the method-level expression says.</li>
 *   <li>{@code @RequestMapping} without a {@code method} attribute matches every HTTP method;
 *       only {@code r1} and {@code r2} are restricted to GET.</li>
 *   <li>Method arguments referenced from an expression ({@code #contact}, {@code #age},
 *       {@code #flag}, {@code #uname}) are bound from the request and so are chosen by the
 *       client.</li>
 * </ul>
 */
@RestController
@RequestMapping
public class RController {

    /** Mapped at the empty path; {@code denyAll()} rejects every caller. */
    @RequestMapping
    @PreAuthorize("denyAll()")
    public String denyAll() {
        return "denyAll";
    }

    /**
     * {@code permitAll()} only passes the method-level check; it does not bypass the
     * authentication required by the filter chain.
     */
    @RequestMapping(path = "permitAll")
    @PreAuthorize("permitAll()")
    public String permitAll() {
        return "permitAll";
    }

    /** Requires the plain authority {@code r1}. */
    @GetMapping(path = "r1")
    @PreAuthorize("hasAuthority('r1')")
    public String r1() {
        return " r1";
    }

    /** Requires the plain authority {@code r2}. */
    @GetMapping(path = "r2")
    @PreAuthorize("hasAuthority('r2')")
    public String r2() {
        return " r2";
    }

    /** {@code hasRole('admin')} is satisfied by the authority {@code ROLE_admin}. */
    @RequestMapping(path = "admin")
    @PreAuthorize("hasRole('admin')")
    public String admin() {
        return "admin";
    }

    /** {@code hasRole('guest')} is satisfied by the authority {@code ROLE_guest}. */
    @RequestMapping(path = "guest")
    @PreAuthorize("hasRole('guest')")
    public String guest() {
        return "guest";
    }

    /**
     * Passes only for an anonymous principal. Under the HttpSecurity rules shown on this
     * page such a caller is stopped earlier, and a logged-in caller fails this check.
     */
    @RequestMapping(path = "isAnonymous")
    @PreAuthorize("isAnonymous()")
    public String isAnonymous() {
        return "isAnonymous";
    }

    /**
     * Passes only for a remember-me login.
     * NOTE(review): the HttpSecurity configuration on this page does not enable remember-me.
     */
    @RequestMapping(path = "isRememberMe")
    @PreAuthorize("isRememberMe()")
    public String isRememberMe() {
        return "isRememberMe";
    }

    /** Passes for any non-anonymous caller. */
    @RequestMapping(path = "isAuthenticated")
    @PreAuthorize("isAuthenticated()")
    public String isAuthenticated() {
        return "isAuthenticated";
    }

    /** Shows that expressions can be combined with {@code or} / {@code and}. */
    @RequestMapping(path = "combineLogic")
    @PreAuthorize("isRememberMe() or isAuthenticated()")
    public String combineLogic() {
        return "combineLogic";
    }

    /** Passes only when the caller is neither anonymous nor a remember-me login. */
    @RequestMapping(path = "isFullyAuthenticated")
    @PreAuthorize("isFullyAuthenticated()")
    public String isFullyAuthenticated() {
        return "isFullyAuthenticated";
    }

    /**
     * Allows the call only when the request-supplied name equals the logged-in user's name.
     * {@code @P("uname")} gives the argument an explicit name for the expression, so the
     * check does not depend on parameter names being kept in the compiled class.
     */
    @RequestMapping(path = "useMethodArg")
    @PreAuthorize("#uname == principal.username")
    public String useMethodArg(@P("uname") String username) {
        return "userMethodArg";
    }

    /**
     * Delegates to the PermissionEvaluator with the bound {@code Contact} as target.
     * The target is populated from request parameters, so the evaluator must not trust its
     * fields as proof of ownership; look the authoritative record up server-side.
     */
    @RequestMapping(path = "hasPermission1")
    @PreAuthorize("hasPermission(#contact,'admin')")
    public String hasPermission1(Contact contact) {
        return "hasPermission1";
    }

    /**
     * Same as above, but the permission argument ({@code #age}) also comes from the request.
     * Both inputs to the decision are then client-chosen; shown for syntax, not as a
     * pattern to copy.
     */
    @RequestMapping(path = "hasPermission1-1")
    @PreAuthorize("hasPermission(#contact,#age)")
    public String hasPermission11(Contact contact,Integer age) {
        return "hasPermission1-1";
    }

    /** Uses the (targetId, targetType, permission) form with constant arguments. */
    @RequestMapping(path = "hasPermission2")
    @PreAuthorize("hasPermission(25,'com.zzhua.entity.Contact','read')")
    public String hasPermission2(Contact contact) {
        return "hasPermission2";
    }

    /**
     * {@code @PostAuthorize} is evaluated after the method body has run, so a denial
     * arrives after any side effect. Keep it to read-only methods whose result alone
     * decides access.
     */
    @RequestMapping(path = "postAuthorize")
    @PostAuthorize("returnObject == 'postAuthorize'")
    public String postAuthorize(Integer flag) {
        if (flag == null) {
            return "";
        }
        return "postAuthorize";
    }

    /**
     * Post-invocation {@code hasPermission} with the return value as target. With the
     * always-false evaluator defined in {@code MySecurityConfig}, this is always denied.
     */
    @RequestMapping(path = "postAuthorize2")
    @PostAuthorize("hasPermission(returnObject,#flag)")
    public String postAuthorize2(Integer flag) {
        if (flag == null) {
            return "";
        }
        return "postAuthorize";
    }

}

Contact

/**
 * Request-bound demo object passed to {@code hasPermission(#contact, ...)} in RController.
 *
 * <p>Its field is filled from request parameters, so a permission check must not treat the
 * values as trustworthy.
 *
 * <p>NOTE(review): {@code @Data} needs Lombok, but the lombok dependency is commented out in
 * the pom.xml shown on this page. Confirm it is on the compile classpath.
 */
@Data
public class Contact {
    // Client-supplied name; package-private as written by the author.
    String name;
}