chenx221/java_ee_project
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

乱七八糟的文件

Browse Source 
Signed-off-by: Chenx221 <chenx221@yandex.com>
This commit is contained in:
Chenx221 2023-06-08 15:17:56 +08:00
parent 58d5eec5ca
commit 82d9daa676
6 changed files with 128 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/handler/CustomAuthenticationFailureHandler.class Normal file
View File

Binary file not shown.

BIN
project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/service/CustomUserDetailsService.class Normal file
View File

Binary file not shown.

36
project2/out/artifacts/project2_war_exploded/WEB-INF/classes/spring-security.xml Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- 定义自定义的UserDetailsService -->
<bean id="userDetailsService" class="cyou.chenx221.service.CustomUserDetailsService"/>
<!-- 定义密码加密器 -->
<bean id="passwordEncoder" class="org.springframework.security.crypto.password.MessageDigestPasswordEncoder">
<constructor-arg value="SHA-256"/>
</bean>
<!-- 配置Spring Security -->
<security:http auto-config="true">
<security:csrf disabled="true"/>
<!-- <security:intercept-url pattern="/login" access="permitAll()"/>-->
<security:intercept-url pattern="/dashboard" access="hasRole('admin')"/>
<security:form-login login-page="/login"
default-target-url="/dashboard"
authentication-failure-handler-ref="customAuthenticationFailureHandler"/>
<security:logout logout-success-url="/login?logout=true"/>
</security:http>
<!-- 配置认证管理器 -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="passwordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
</beans>

21
project2/src/main/java/cyou/chenx221/handler/CustomAuthenticationFailureHandler.java Normal file
View File

@ -0,0 +1,21 @@
package cyou.chenx221.handler;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Component
public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
// 在验证失败时执行的逻辑
request.getSession().setAttribute("errorMessage", "用户名或密码不正确,请重新输入。");
System.out.println("到过这里");
response.sendRedirect("/login"); // 重定向到登录页面
}
}

35
project2/src/main/java/cyou/chenx221/service/CustomUserDetailsService.java Normal file
View File

@ -0,0 +1,35 @@
package cyou.chenx221.service;
import cyou.chenx221.mapper.UserMapper;
import cyou.chenx221.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
public class CustomUserDetailsService implements UserDetailsService {
private final UserMapper userMapper;
@Autowired
public CustomUserDetailsService(UserMapper userMapper) {
this.userMapper = userMapper;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userMapper.getUserByUsername(username);
if (user == null) {
throw new UsernameNotFoundException("X User not found with username: " + username);
}
System.out.println(user.getId()+" "+user.getUsername()+" "+user.getPassword()+" "+user.getRoles());
// 创建并返回自定义的UserDetails对象
return org.springframework.security.core.userdetails.User.builder()
.username(user.getUsername())
.password(user.getPassword())
.roles(user.getRoles())
.build();
}
}

36
project2/src/main/resources/spring-security.xml Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- 定义自定义的UserDetailsService -->
<bean id="userDetailsService" class="cyou.chenx221.service.CustomUserDetailsService"/>
<!-- 定义密码加密器 -->
<bean id="passwordEncoder" class="org.springframework.security.crypto.password.MessageDigestPasswordEncoder">
<constructor-arg value="SHA-256"/>
</bean>
<!-- 配置Spring Security -->
<security:http auto-config="true">
<security:csrf disabled="true"/>
<!-- <security:intercept-url pattern="/login" access="permitAll()"/>-->
<security:intercept-url pattern="/dashboard" access="hasRole('admin')"/>
<security:form-login login-page="/login"
default-target-url="/dashboard"
authentication-failure-handler-ref="customAuthenticationFailureHandler"/>
<security:logout logout-success-url="/login?logout=true"/>
</security:http>
<!-- 配置认证管理器 -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="passwordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
</beans>