SpringSecurity自定义成功失败处理器的示例代码
1.新建SpringBoot工程
2.项目依赖
org.springframework.boot spring-boot-starter-security org.springframework.boot spring-boot-starter-thymeleaf org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-tomcat provided org.projectlombok lombok org.springframework.boot spring-boot-starter-test
3.定义登录成功处理器
- 新建一个类实现AuthenticationSuccessHandler
- 重写onAuthenticationSuccess方法
packagezw.springboot.controller;
importlombok.SneakyThrows;
importorg.json.JSONObject;
importorg.springframework.security.core.Authentication;
importorg.springframework.security.web.authentication.AuthenticationSuccessHandler;
importorg.springframework.stereotype.Component;
importjavax.servlet.ServletException;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importjava.io.IOException;
importjava.io.PrintWriter;
/**
*@classNameLoginSuccessHandler
*@description登录成功处理器
*@author周威
*@date2020-09-0313:50
**/
@Component
publicclassLoginSuccessHandlerimplementsAuthenticationSuccessHandler
{
@SneakyThrows
@Override
publicvoidonAuthenticationSuccess(HttpServletRequestrequest,HttpServletResponseresponse,Authenticationauthentication)throwsIOException,ServletException
{
//设置response缓冲区字符集
response.setCharacterEncoding("UTF-8");
//定义一个JSONObject对象
JSONObjectobject=newJSONObject();
//填写登录成功响应信息
object.put("code",1);
object.put("msg","登录成功");
//设置响应头
response.setContentType("application/json;charset=utf-8");
//获得打印输出流
PrintWriterpw=response.getWriter();
//向客户端写入一个字符串
pw.print(object.toString());
//关闭流资源
pw.close();
}
}
4.定义登录失败处理器新建一个类实现AuthenticationFailureHandler接口重写onAuthenticationFailure方法
packagezw.springboot.controller;
importlombok.SneakyThrows;
importorg.json.JSONObject;
importorg.springframework.security.core.AuthenticationException;
importorg.springframework.security.web.authentication.AuthenticationFailureHandler;
importorg.springframework.stereotype.Component;
importjavax.servlet.ServletException;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importjava.io.IOException;
importjava.io.PrintWriter;
/**
*@classNameLoginErrorHandler
*@description登录失败处理器
*@author周威
*@date2020-09-0313:57
**/
@Component
publicclassLoginErrorHandlerimplementsAuthenticationFailureHandler
{
@SneakyThrows
@Override
publicvoidonAuthenticationFailure(HttpServletRequestrequest,HttpServletResponseresponse,AuthenticationExceptionauthenticationException)throwsIOException,ServletException
{
//设置response缓冲区字符集
response.setCharacterEncoding("UTF-8");
//定义一个JSONObject对象
JSONObjectobject=newJSONObject();
//填写登录失败响应信息
object.put("code",-1);
object.put("msg","登录失败");
//设置响应头
response.setContentType("application/json;charset=utf-8");
//获得打印输出流
PrintWriterpw=response.getWriter();
//向客户端写入一个字符串
pw.print(object.toString());
//关闭流资源
pw.close();
}
}
5.安全认证配置类
packagezw.springboot.config;
importorg.springframework.beans.factory.annotation.Autowired;
importorg.springframework.context.annotation.Bean;
importorg.springframework.security.config.annotation.web.builders.HttpSecurity;
importorg.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
importorg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
importorg.springframework.security.core.userdetails.User;
importorg.springframework.security.core.userdetails.UserDetailsService;
importorg.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
importorg.springframework.security.crypto.password.PasswordEncoder;
importorg.springframework.security.provisioning.InMemoryUserDetailsManager;
importorg.springframework.security.web.authentication.AuthenticationFailureHandler;
importorg.springframework.security.web.authentication.AuthenticationSuccessHandler;
/**
*@classNameSpringSecurityConfig
*@description安全人认证配置类
*@author周威
*@date2020-09-0313:42
**/
@EnableWebSecurity
publicclassSpringSecurityConfigextendsWebSecurityConfigurerAdapter
{
@Autowired
privateAuthenticationSuccessHandlerloginSuccessHandler;
@Autowired
privateAuthenticationFailureHandlerloginErrorHandler;
//定义用户信息服务
@Bean
@Override
protectedUserDetailsServiceuserDetailsService()
{
InMemoryUserDetailsManagermanager=newInMemoryUserDetailsManager();
//模拟两个用户身份
manager.createUser(User.withUsername("admin").password(passwordEncoder().encode("123456")).authorities("p1").build());
manager.createUser(User.withUsername("user").password(passwordEncoder().encode("654321")).authorities("p2").build());
returnmanager;
}
//定义密码加密器
@Bean
publicPasswordEncoderpasswordEncoder()
{
returnnewBCryptPasswordEncoder();
}
//定义拦截机制
@Override
protectedvoidconfigure(HttpSecurityhttp)throwsException
{
http
.authorizeRequests()
//设置哪些请求需要认证
.antMatchers("/**").authenticated()
.and()
//启用表单登录认证
.formLogin()
//指定登录成功处理器
.successHandler(loginSuccessHandler)
//指定登录失败处理器
.failureHandler(loginErrorHandler);
}
}
6.项目运行测试
7.登录成功测试
8.登录失败测试
总结
到此这篇关于SpringSecurity自定义成功失败处理器的示例代码的文章就介绍到这了,更多相关SpringSecurity成功失败处理器内容请搜索毛票票以前的文章或继续浏览下面的相关文章希望大家以后多多支持毛票票!
声明:本文内容来源于网络,版权归原作者所有,内容由互联网用户自发贡献自行上传,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任。如果您发现有涉嫌版权的内容,欢迎发送邮件至:czq8825#qq.com(发邮件时,请将#更换为@)进行举报,并提供相关证据,一经查实,本站将立刻删除涉嫌侵权内容。