燕鹏
há 4 anos
4 ficheiros modificados com 116 adições e 2 eliminações
@ -0,0 +1,36 @@ |
|||
package com.aiprose.scauth.controller; |
|||
|
|||
import org.springframework.security.access.annotation.Secured; |
|||
import org.springframework.security.access.prepost.PreAuthorize; |
|||
import org.springframework.web.bind.annotation.GetMapping; |
|||
import org.springframework.web.bind.annotation.RestController; |
|||
|
|||
import javax.annotation.security.RolesAllowed; |
|||
|
|||
/** |
|||
* @author nelson |
|||
* @desc TODO |
|||
* @company 北京中经网软件有限公司 |
|||
* @date 2020/11/27 16:42 |
|||
* @since 1.0 |
|||
*/ |
|||
@RestController |
|||
public class TestAuthController { |
|||
|
|||
@Secured("ROLE_root") //需要加前缀
|
|||
@GetMapping("root") |
|||
public String root(){ |
|||
return "root"; |
|||
} |
|||
@PreAuthorize("hasAnyRole('root','admin')") |
|||
@GetMapping("admin") |
|||
public String gest(){ |
|||
return "admin"; |
|||
} |
|||
|
|||
@RolesAllowed("user") |
|||
@GetMapping("user") |
|||
public String user(){ |
|||
return "user"; |
|||
} |
|||
} |
@ -0,0 +1,29 @@ |
|||
package com.aiprose.scauth.handler; |
|||
|
|||
import lombok.extern.slf4j.Slf4j; |
|||
import org.springframework.security.access.AccessDeniedException; |
|||
import org.springframework.security.core.AuthenticationException; |
|||
import org.springframework.security.web.access.AccessDeniedHandler; |
|||
import org.springframework.security.web.authentication.AuthenticationFailureHandler; |
|||
|
|||
import javax.servlet.ServletException; |
|||
import javax.servlet.http.HttpServletRequest; |
|||
import javax.servlet.http.HttpServletResponse; |
|||
import java.io.IOException; |
|||
|
|||
/** |
|||
* @author nelson |
|||
* @desc 权限不足 |
|||
* @company 北京中经网软件有限公司 |
|||
* @date 2020/11/27 16:50 |
|||
* @since 1.0 |
|||
*/ |
|||
@Slf4j |
|||
public class AuthLimitHandler implements AccessDeniedHandler { |
|||
|
|||
@Override |
|||
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { |
|||
log.error("你没有权限访问网址{}",request.getRequestURI()); |
|||
response.sendError(403); |
|||
} |
|||
} |
@ -0,0 +1,27 @@ |
|||
package com.aiprose.scauth.handler; |
|||
|
|||
import org.springframework.security.core.Authentication; |
|||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; |
|||
|
|||
import javax.servlet.ServletException; |
|||
import javax.servlet.http.HttpServletRequest; |
|||
import javax.servlet.http.HttpServletResponse; |
|||
import java.io.IOException; |
|||
|
|||
/** |
|||
* @author nelson |
|||
* @desc TODO |
|||
* @company 北京中经网软件有限公司 |
|||
* @date 2020/11/27 16:15 |
|||
* @since 1.0 |
|||
*/ |
|||
public class LoginSuccessHandler implements AuthenticationSuccessHandler { |
|||
@Override |
|||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { |
|||
System.out.println("login success"); |
|||
System.out.println(authentication.getDetails()); |
|||
System.out.println(authentication.getAuthorities()); |
|||
System.out.println(authentication.getCredentials()); |
|||
System.out.println(authentication.getPrincipal()); |
|||
} |
|||
} |
Carregando…
Criar uma nova questão referindo esta