阅读量:0
要在Spring MVC中集成Spring Security,需要按照以下步骤进行操作:
- 添加Spring Security依赖 首先需要在项目的pom.xml文件中添加Spring Security的依赖,例如:
<dependency> <groupId>org.springframework.securitygroupId> <artifactId>spring-security-webartifactId> <version>5.4.2version> dependency> <dependency> <groupId>org.springframework.securitygroupId> <artifactId>spring-security-configartifactId> <version>5.4.2version> dependency> - 配置Spring Security 在项目中创建一个继承自WebSecurityConfigurerAdapter的配置类,并在其中配置Spring Security的相关设置,例如:
@Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/admin/**").hasRole("ADMIN") .antMatchers("/user/**").hasRole("USER") .anyRequest().authenticated() .and() .formLogin() .loginPage("/login") .permitAll() .and() .logout() .permitAll(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication() .withUser("admin").password("{noop}admin123").roles("ADMIN") .and() .withUser("user").password("{noop}user123").roles("USER"); } } - 配置Spring MVC 在Spring MVC的配置类中添加对Spring Security的支持,例如:
@Configuration @EnableWebMvc public class WebConfig implements WebMvcConfigurer { @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/login").setViewName("login"); } @Override public void addResourceHandlers(ResourceHandlerRegistry registry) { registry.addResourceHandler("/resources/**").addResourceLocations("/resources/"); } } - 创建登录页面 在项目中创建一个登录页面,例如login.jsp,并在登录页面中添加表单来进行用户登录。
通过以上步骤,就可以在Spring MVC项目中集成Spring Security,实现用户认证和授权功能。
