1.jdbcAuthentication,代码写死配置
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("admin").password("ThisIsApassword").roles("Admin");
//此种方法不能更改,项目启动写入内存中,账号密码修改后重启才能生效,一般无用
}
2.jdbcAuthentication,直接连数据库查询
@Resource//(此处不能用@Autowired,否则抱多个Bean错误)
DataSource dataSource;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery("select u_name,u_password,a_id from `admin` where u_name = ?")
//此处必须3个参数,前2个用户名和密码,第三个可以随便找一个
.authoritiesByUsernameQuery("select u_name, a_id from `admin` where u_name = ?");
//此处必须为2个参数,第一个为用户名,第二个为用户权限(可以随意找一个)
}
3.userDetailsService,实现UserDetailsService,自定义查询操作
@Autowired
private CustomUserDetailService customUserDetailService;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(customUserDetailService)
.passwordEncoder(new PasswordEncoder() {
@Override
public String encode(CharSequence charSequence) {
return null;
}
//此处返回加密方式,如果不加密可返回空
@Override
public boolean matches(CharSequence CharSequence, String s) {
return CharSequence.equals(s);
}
//此处判断输入密码和数据库密码是否一致
});
}
CustomUserDetailService.java
/**
* Created by linshao on 2018/3/6.
*/
@Service("customUserDetailService")
public class CustomUserDetailService implements UserDetailsService {
@Autowired
private AdminRepository adminRepository;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
Admin admin = adminRepository.getAdminByUName(s);//此处通过dao获取用户信息
if (null == admin) {
return null;
} else {
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
return new User(admin.getuName(), admin.getuPassword(), authorities);
//返回user对象(用户名,密码,权限组)
}
}
}
4.ldapAuthentication,LDAP鉴权
//暂时没使用,无代码,后期用到补全
网友评论