1.首先看下我的項(xiàng)目結(jié)構(gòu)

我們逐個(gè)講解

/** * 用戶(hù)登錄配置類(lèi) * @author Administrator * */public class AdminUserDateils implements UserDetails {private static final long serialVersionUID = -1546619839676530441L; private transient YCAdmin yCAdmin; public AdminUserDateils() {} public AdminUserDateils(YCAdmin yCAdmin) { if (yCAdmin != null) { this.yCAdmin = yCAdmin; } } public YCAdmin getyCAdmin() {return yCAdmin;}public void setyCAdmin(YCAdmin yCAdmin) {this.yCAdmin = yCAdmin;}@Overridepublic Collection<? extends GrantedAuthority> getAuthorities() { Collection<GrantedAuthority> authorities = new ArrayList<>(); SimpleGrantedAuthority authority = new SimpleGrantedAuthority('admin'); authorities.add(authority); return authorities;}//用戶(hù)名密碼@Overridepublic String getPassword() { return yCAdmin.getAdminPassword();}//賬號(hào)@Overridepublic String getUsername() {return yCAdmin.getAdminAccount();}@Overridepublic boolean isAccountNonExpired() {return true;}@Overridepublic boolean isAccountNonLocked() {return true;}@Overridepublic boolean isCredentialsNonExpired() {return true;}@Overridepublic boolean isEnabled() {return true;}}

首先以上AdminUserDateils類(lèi)是配置用戶(hù)登錄成功后，來(lái)存儲(chǔ)用戶(hù)登錄的信息

/** * Spring-Security * @author Administrator * */@Servicepublic class AdminCustomerDetailsService implements UserDetailsService{@Autowiredprivate YCAdminMapper yCAdminMapper;@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {YCAdmin ycAdmin= yCAdminMapper.selectYCAdminByAccount(username);if(ycAdmin==null) {throw new UsernameNotFoundException('未找到該用戶(hù)！！');}//配置的AdminUserDateilsAdminUserDateils adminUserDateils = new AdminUserDateils(ycAdmin);return adminUserDateils;}}

以上AdminCustomerDetailsService是根據(jù)查找用戶(hù)名的，需要實(shí)現(xiàn)UserDetailsService接口的loadUserByUsername的方法也就是會(huì)找用戶(hù)名，這個(gè)根據(jù)mapper層，也就是數(shù)據(jù)庫(kù)查找，返回只也就是剛才配置的AdminUserDateils類(lèi)

public class YhPasswordEncoder implements PasswordEncoder{@Overridepublic String encode(CharSequence rawPassword) {return Des3.encrypt(rawPassword.toString());}@Overridepublic boolean matches(CharSequence rawPassword, String encodedPassword) {// TODO Auto-generated method stubreturn encode(rawPassword).equals(encodedPassword);}}

以上YhPasswordEncoder 需要繼承是我們PasswordEncoder配置用戶(hù)密碼加密的，這里的加密可以按照自己業(yè)務(wù)需求來(lái)使用加密，按照這樣換一種加密類(lèi)型就可以了。

public class AdminSecurityConfiguration {@Configuration@Order(2)@EnableWebSecuritypublic static class ClientSecurityConfig extends WebSecurityConfigurerAdapter {@Autowiredprivate AdminCustomerDetailsService adminCustomerDetailsService;@Value('${yunhui.admin.urlContext:/houtai}')private String adminUrlContext;@Value('${yunhui.admin.noLoginUrls:}')private String noLoginUrls;@Overrideprotected void configure(HttpSecurity http) throws Exception {//循環(huán)獲取用戶(hù)不需要驗(yàn)證url（這里是記錄在yml）List<String> clientNoLoginUrls = new ArrayList<String>();if (!noLoginUrls.isEmpty()) {for (String s : noLoginUrls.split(',')) {clientNoLoginUrls.add(adminUrlContext + s);}}http.//需要驗(yàn)證登錄的urlantMatcher(adminUrlContext + '/**').authorizeRequests()//不需登錄驗(yàn)證的url.antMatchers(clientNoLoginUrls.toArray(new String[0])).permitAll().anyRequest().authenticated().and()//開(kāi)啟表單驗(yàn)證.formLogin().//驗(yàn)證登錄的urlloginProcessingUrl('/houtai/login')//登錄的頁(yè)面.loginPage('/houtai/login')//登錄成功后跳轉(zhuǎn).defaultSuccessUrl('/houtai').permitAll().and()//注銷(xiāo)登錄的url.logout().logoutUrl('/houtai/loginout')//注銷(xiāo)之后跳轉(zhuǎn)的頁(yè)面.logoutSuccessUrl('/houtai').and().rememberMe().and().csrf().disable();;}@Overridepublic void configure(AuthenticationManagerBuilder auth) throws Exception {//需要哪個(gè)service，和驗(yàn)證密碼的方式，剛才我們都配置了auth.userDetailsService(adminCustomerDetailsService).passwordEncoder(new YhPasswordEncoder());}}

最后就是配置首先開(kāi)啟@Configuration@EnableWebSecurity的注解

一個(gè)是我們剛才配置的service其他兩個(gè)兩個(gè)變量是在配置文件配置的

最后配置我們表單驗(yàn)證就可以了input的name必須是username和password，除非重新配置了，action='/houtai/login'就是直接這樣就可以實(shí)現(xiàn)登錄了

如果有HttpSecurity配置的細(xì)節(jié)問(wèn)題可以提問(wèn)

補(bǔ)充可以自己配置登錄成功和失敗類(lèi)

到此這篇關(guān)于SpringBoot使用Spring Security實(shí)現(xiàn)登錄注銷(xiāo)功能的文章就介紹到這了,更多相關(guān)Spring Security登錄注銷(xiāo)內(nèi)容請(qǐng)搜索好吧啦網(wǎng)以前的文章或繼續(xù)瀏覽下面的相關(guān)文章希望大家以后多多支持好吧啦網(wǎng)！