创建springsecurity项目的方式有很多,最简单的是 使用Spring Initializr工具,
点击下一步,输入项目基本信息,选择jdk版本
再下一步,选择要使用的组件
完成项目创建。
项目目录如下
打开pom文件,
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.4.1</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.hzau</groupId>
<artifactId>securitydemo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>securitydemo</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
</build>
</project>
新建一个测试路由
package com.hzau.securitydemo.controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* @ClassName TestController
* @Description TODO
* @Author yueyiming
* @Date 2020/12/31 14:30
* @Version 1.0
* https://blog.csdn.net/hzau_itdog
**/
@RestController
public class TestController {
@RequestMapping("test")
public String test(){
return "hello";
}
}
启动项目,日志如下
D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\bin\java.exe -XX:TieredStopAtLevel=1 -noverify -Dspring.output.ansi.enabled=always -Dcom.sun.management.jmxremote -Dspring.jmx.enabled=true -Dspring.liveBeansView.mbeanDomain -Dspring.application.admin.enabled=true "-javaagent:D:\javasoftware\IntelliJ IDEA 2019.2.4\lib\idea_rt.jar=56934:D:\javasoftware\IntelliJ IDEA 2019.2.4\bin" -Dfile.encoding=UTF-8 -classpath D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\charsets.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\deploy.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\access-bridge-64.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\cldrdata.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\dnsns.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\jaccess.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\jfxrt.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\localedata.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\nashorn.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\sunec.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\sunjce_provider.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\sunmscapi.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\sunpkcs11.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\ext\zipfs.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\javaws.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\jce.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\jfr.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\jfxswt.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\jsse.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\management-agent.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\plugin.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\resources.jar;D:\javasoftware\jdk\jdk1.8\jdk1.8.0_202\jre\lib\rt.jar;D:\sourceCode\securitydemo\target\classes;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-starter-security\2.4.1\spring-boot-starter-security-2.4.1.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-starter\2.4.1\spring-boot-starter-2.4.1.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot\2.4.1\spring-boot-2.4.1.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-autoconfigure\2.4.1\spring-boot-autoconfigure-2.4.1.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-starter-logging\2.4.1\spring-boot-starter-logging-2.4.1.jar;D:\javasoftware\maven\repository\ch\qos\logback\logback-classic\1.2.3\logback-classic-1.2.3.jar;D:\javasoftware\maven\repository\ch\qos\logback\logback-core\1.2.3\logback-core-1.2.3.jar;D:\javasoftware\maven\repository\org\apache\logging\log4j\log4j-to-slf4j\2.13.3\log4j-to-slf4j-2.13.3.jar;D:\javasoftware\maven\repository\org\apache\logging\log4j\log4j-api\2.13.3\log4j-api-2.13.3.jar;D:\javasoftware\maven\repository\org\slf4j\jul-to-slf4j\1.7.30\jul-to-slf4j-1.7.30.jar;D:\javasoftware\maven\repository\jakarta\annotation\jakarta.annotation-api\1.3.5\jakarta.annotation-api-1.3.5.jar;D:\javasoftware\maven\repository\org\yaml\snakeyaml\1.27\snakeyaml-1.27.jar;D:\javasoftware\maven\repository\org\springframework\spring-aop\5.3.2\spring-aop-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\spring-beans\5.3.2\spring-beans-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\security\spring-security-config\5.4.2\spring-security-config-5.4.2.jar;D:\javasoftware\maven\repository\org\springframework\spring-context\5.3.2\spring-context-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\security\spring-security-web\5.4.2\spring-security-web-5.4.2.jar;D:\javasoftware\maven\repository\org\springframework\spring-expression\5.3.2\spring-expression-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-starter-web\2.4.1\spring-boot-starter-web-2.4.1.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-starter-json\2.4.1\spring-boot-starter-json-2.4.1.jar;D:\javasoftware\maven\repository\com\fasterxml\jackson\core\jackson-databind\2.11.3\jackson-databind-2.11.3.jar;D:\javasoftware\maven\repository\com\fasterxml\jackson\core\jackson-annotations\2.11.3\jackson-annotations-2.11.3.jar;D:\javasoftware\maven\repository\com\fasterxml\jackson\core\jackson-core\2.11.3\jackson-core-2.11.3.jar;D:\javasoftware\maven\repository\com\fasterxml\jackson\datatype\jackson-datatype-jdk8\2.11.3\jackson-datatype-jdk8-2.11.3.jar;D:\javasoftware\maven\repository\com\fasterxml\jackson\datatype\jackson-datatype-jsr310\2.11.3\jackson-datatype-jsr310-2.11.3.jar;D:\javasoftware\maven\repository\com\fasterxml\jackson\module\jackson-module-parameter-names\2.11.3\jackson-module-parameter-names-2.11.3.jar;D:\javasoftware\maven\repository\org\springframework\boot\spring-boot-starter-tomcat\2.4.1\spring-boot-starter-tomcat-2.4.1.jar;D:\javasoftware\maven\repository\org\apache\tomcat\embed\tomcat-embed-core\9.0.41\tomcat-embed-core-9.0.41.jar;D:\javasoftware\maven\repository\org\glassfish\jakarta.el\3.0.3\jakarta.el-3.0.3.jar;D:\javasoftware\maven\repository\org\apache\tomcat\embed\tomcat-embed-websocket\9.0.41\tomcat-embed-websocket-9.0.41.jar;D:\javasoftware\maven\repository\org\springframework\spring-web\5.3.2\spring-web-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\spring-webmvc\5.3.2\spring-webmvc-5.3.2.jar;D:\javasoftware\maven\repository\org\projectlombok\lombok\1.18.16\lombok-1.18.16.jar;D:\javasoftware\maven\repository\org\slf4j\slf4j-api\1.7.30\slf4j-api-1.7.30.jar;D:\javasoftware\maven\repository\org\springframework\spring-core\5.3.2\spring-core-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\spring-jcl\5.3.2\spring-jcl-5.3.2.jar;D:\javasoftware\maven\repository\org\springframework\security\spring-security-core\5.4.2\spring-security-core-5.4.2.jar com.hzau.securitydemo.SecuritydemoApplication
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.4.1)
2020-12-31 14:33:29.554 INFO 5452 --- [ main] c.h.s.SecuritydemoApplication : Starting SecuritydemoApplication using Java 1.8.0_202 on PC-201912180916 with PID 5452 (D:\sourceCode\securitydemo\target\classes started by Administrator in D:\sourceCode\securitydemo)
2020-12-31 14:33:29.560 INFO 5452 --- [ main] c.h.s.SecuritydemoApplication : No active profile set, falling back to default profiles: default
2020-12-31 14:33:31.334 INFO 5452 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
2020-12-31 14:33:31.351 INFO 5452 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2020-12-31 14:33:31.351 INFO 5452 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.41]
2020-12-31 14:33:31.500 INFO 5452 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2020-12-31 14:33:31.501 INFO 5452 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1807 ms
2020-12-31 14:33:31.922 INFO 5452 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
2020-12-31 14:33:32.242 INFO 5452 --- [ main] .s.s.UserDetailsServiceAutoConfiguration :
Using generated security password: 34be0be0-d0f0-4ca0-bdb9-ea2bde7b5e6d
2020-12-31 14:33:32.506 INFO 5452 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Will secure any request with [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@215a34b4, org.springframework.security.web.context.SecurityContextPersistenceFilter@55b8dbda, org.springframework.security.web.header.HeaderWriterFilter@66e889df, org.springframework.security.web.csrf.CsrfFilter@20ed3303, org.springframework.security.web.authentication.logout.LogoutFilter@353efdbf, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@63da207f, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@660591fb, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@77bd7fe7, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@985696, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@3a022576, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@5b22b970, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@35d3ab60, org.springframework.security.web.session.SessionManagementFilter@3766c667, org.springframework.security.web.access.ExceptionTranslationFilter@383f1975, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@250b236d]
2020-12-31 14:33:32.689 INFO 5452 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path ''
2020-12-31 14:33:32.712 INFO 5452 --- [ main] c.h.s.SecuritydemoApplication : Started SecuritydemoApplication in 3.908 seconds (JVM running for 5.997)
访问 http://127.0.0.1:8080/test
需要登录。这里我们虽然没有配置SpringSecurity,但是默认运行了SpringSecurity,其默认使用用户user,密码打印在控制台
输入用户和密码
最常见的方式还是在配置文件里配置
spring:
security:
user:
name: user
password: 123
重新启动登录,输入密码,正常访问。