范文健康探索娱乐情感热点
投稿投诉
热点动态
科技财经
情感日志
励志美文
娱乐时尚
游戏搞笑
探索旅游
历史星座
健康养生
美丽育儿
范文作文
教案论文
国学影视
探索旅游历史星座
星座室内驾车智家生物

权限控制(springboot整合security实现权限控制)

  权限控制(springboot整合security实现权限控制)1.建表,五张表,如下:1.1.用户表CREATETABLE`t_sys_user`(`user_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'用户ID',`user_name`varchar(30)NOTNULLCOMMENT'用户名',`user_password`varchar(128)NOTNULLCOMMENT'用户密码',`salt`varchar(64)DEFAULTNULLCOMMENT'加密盐',`user_phone`varchar(20)DEFAULTNULLCOMMENT'手机号',`user_emai`varchar(20)DEFAULTNULLCOMMENT'邮箱',`user_title`varchar(20)DEFAULTNULLCOMMENT'职称',`creater_id`bigint(20)DEFAULTNULLCOMMENT'创建人ID',`creater_name`varchar(30)DEFAULTNULLCOMMENT'创建人名称',`creater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'创建时间',`updater_id`bigint(20)DEFAULTNULLCOMMENT'更新人ID',`updater_name`varchar(30)DEFAULTNULLCOMMENT'更新人名称',`updater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'更新时间',`role_ids`varchar(200)DEFAULTNULL,`role_names`varchar(300)DEFAULTNULL,  PRIMARYKEY(`user_id`)  )ENGINE=InnoDBAUTO_INCREMENT=17DEFAULTCHARSET=utf8;1.2.用户角色表CREATETABLE`t_sys_user_role`(`user_role_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'用户角色ID',`user_id`bigint(20)NOTNULLCOMMENT'用户ID',`role_id`bigint(20)NOTNULLCOMMENT'角色ID',  PRIMARYKEY(`user_role_id`)  )ENGINE=InnoDBAUTO_INCREMENT=29DEFAULTCHARSET=utf8;1.3.角色表CREATETABLE`t_sys_role`(`role_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'角色ID',`role_name`varchar(100)NOTNULLCOMMENT'角色名称',`role_code`varchar(100)NOTNULLCOMMENT'角色编码',`creater_id`bigint(20)DEFAULTNULLCOMMENT'创建人ID',`creater_name`varchar(30)DEFAULTNULLCOMMENT'创建人名称',`creater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'创建时间',`updater_id`bigint(20)DEFAULTNULLCOMMENT'更新人ID',`updater_name`varchar(30)DEFAULTNULLCOMMENT'更新人名称',`updater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'更新时间',`permission_ids`varchar(200)DEFAULTNULL,`permission_names`varchar(300)DEFAULTNULL,  PRIMARYKEY(`role_id`)  )ENGINE=InnoDBAUTO_INCREMENT=4DEFAULTCHARSET=utf8;1.4.角色权限表CREATETABLE`t_sys_role_permission`(`role_permission_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'角色权限ID',`role_id`bigint(20)NOTNULLCOMMENT'角色ID',`permission_id`bigint(20)NOTNULLCOMMENT'权限ID',  PRIMARYKEY(`role_permission_id`)  )ENGINE=InnoDBAUTO_INCREMENT=78DEFAULTCHARSET=utf8;
  1.5.权限表CREATETABLE`t_sys_permission`(`permission_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'权限ID',`permission_name`varchar(100)NOTNULLCOMMENT'权限名称',`permission_code`varchar(100)NOTNULLCOMMENT'权限编码',`creater_id`bigint(20)DEFAULTNULLCOMMENT'创建人ID',`creater_name`varchar(30)DEFAULTNULLCOMMENT'创建人名称',`creater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'创建时间',`updater_id`bigint(20)DEFAULTNULLCOMMENT'更新人ID',`updater_name`varchar(30)DEFAULTNULLCOMMENT'更新人名称',`updater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'更新时间',  PRIMARYKEY(`permission_id`)  )ENGINE=InnoDBAUTO_INCREMENT=26DEFAULTCHARSET=utf8;2.pom.xml引入依赖:<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency>3.编码步骤:3.1.在用户实体类中实现UserDetails接口的方法packagecom.lz.hehuorenservice.system.entity;importcom.lz.hehuorenservice.common.entity.BaseEntity;importio.swagger.annotations.ApiModelProperty;importorg.springframework.security.core.GrantedAuthority;importorg.springframework.security.core.authority.SimpleGrantedAuthority;importorg.springframework.security.core.userdetails.UserDetails;importjava.util.*;/**Createbyhyhwebon2021/6/616:24*/publicclassUserextendsBaseEntityimplementsUserDetails{/**用户主键ID*/@ApiModelProperty(value="用户主键ID")privateLonguserId;/**用户名*/@ApiModelProperty(value="用户名")privateStringuserName;/**用户密码*/@ApiModelProperty(value="用户密码")privateStringuserPassword;@ApiModelProperty(value="")privateStringsalt;/**手机号*/@ApiModelProperty(value="手机号")privateStringuserPhone;/**邮箱*/@ApiModelProperty(value="邮箱")privateStringuserEmai;/**职称*/@ApiModelProperty(value="职称")privateStringuserTitle;@ApiModelProperty(value="角色ID")privateStringroleIds;@ApiModelProperty(value="角色名称")privateStringroleNames;/**创建人ID*/@ApiModelProperty(value="创建人ID")privateLongcreaterId;/**创建人名称*/@ApiModelProperty(value="创建人名称")privateStringcreaterName;/**创建时间*/@ApiModelProperty(value="创建时间")privateDatecreaterTime;/**更新人ID*/@ApiModelProperty(value="更新人ID")privateLongupdaterId;/**更新人名称*/@ApiModelProperty(value="更新人名称")privateStringupdaterName;/**更新时间*/@ApiModelProperty(value="更新时间")privateDateupdaterTime;privateSet<String>permissions;@OverridepublicCollection<?extendsGrantedAuthority>getAuthorities(){  List<SimpleGrantedAuthority>authorities=newArrayList<>();/*  //绑定角色的授权方法  if(roles!=null){  for(RolesysRole:roles){  authorities.add(newSimpleGrantedAuthority(sysRole.getRoleCode()));  }  }*///绑定权限的授权方法if(permissions!=null){for(Stringpermission:permissions){  authorities.add(newSimpleGrantedAuthority(permission));  }  }returnauthorities;  }@OverridepublicStringgetPassword(){returnuserPassword;  }@OverridepublicStringgetUsername(){returnuserName;  }@OverridepublicbooleanisAccountNonExpired(){returntrue;  }@OverridepublicbooleanisAccountNonLocked(){returntrue;  }@OverridepublicbooleanisCredentialsNonExpired(){returntrue;  }@OverridepublicbooleanisEnabled(){returntrue;  }publicLonggetUserId(){returnuserId;  }publicvoidsetUserId(LonguserId){this.userId=userId;  }publicStringgetUserName(){returnuserName;  }publicvoidsetUserName(StringuserName){this.userName=userName;  }publicStringgetUserPassword(){returnuserPassword;  }publicvoidsetUserPassword(StringuserPassword){this.userPassword=userPassword;  }publicStringgetSalt(){returnsalt;  }publicvoidsetSalt(Stringsalt){this.salt=salt;  }publicStringgetUserPhone(){returnuserPhone;  }publicvoidsetUserPhone(StringuserPhone){this.userPhone=userPhone;  }publicStringgetUserEmai(){returnuserEmai;  }publicvoidsetUserEmai(StringuserEmai){this.userEmai=userEmai;  }publicStringgetUserTitle(){returnuserTitle;  }publicvoidsetUserTitle(StringuserTitle){this.userTitle=userTitle;  }publicStringgetRoleIds(){returnroleIds;  }publicvoidsetRoleIds(StringroleIds){this.roleIds=roleIds;  }publicStringgetRoleNames(){returnroleNames;  }publicvoidsetRoleNames(StringroleNames){this.roleNames=roleNames;  }publicLonggetCreaterId(){returncreaterId;  }publicvoidsetCreaterId(LongcreaterId){this.createrId=createrId;  }publicStringgetCreaterName(){returncreaterName;  }publicvoidsetCreaterName(StringcreaterName){this.createrName=createrName;  }publicDategetCreaterTime(){returncreaterTime;  }publicvoidsetCreaterTime(DatecreaterTime){this.createrTime=createrTime;  }publicLonggetUpdaterId(){returnupdaterId;  }publicvoidsetUpdaterId(LongupdaterId){this.updaterId=updaterId;  }publicStringgetUpdaterName(){returnupdaterName;  }publicvoidsetUpdaterName(StringupdaterName){this.updaterName=updaterName;  }publicDategetUpdaterTime(){returnupdaterTime;  }publicvoidsetUpdaterTime(DateupdaterTime){this.updaterTime=updaterTime;  }publicSet<String>getPermissions(){returnpermissions;  }publicvoidsetPermissions(Set<String>permissions){this.permissions=permissions;  }  }3.2.在用户的服务实现类中,实现UserDetailsService接口的loadUserByUsername方法,返回用户的所有信息。packagecom.lz.hehuorenservice.system.service.impl;importcom.lz.hehuorenservice.common.service.impl.BaseServiceImpl;importcom.lz.hehuorenservice.system.dao.UserDao;importcom.lz.hehuorenservice.system.entity.User;importcom.lz.hehuorenservice.system.service.UserService;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.security.core.userdetails.UserDetails;importorg.springframework.security.core.userdetails.UserDetailsService;importorg.springframework.security.core.userdetails.UsernameNotFoundException;importorg.springframework.stereotype.Service;importjava.util.Set;/**Createbyhyhwebon2021/6/616:28*/@ServicepublicclassUserServiceImplextendsBaseServiceImpl<User,Long>implementsUserService,UserDetailsService{@AutowiredUserDaouserDao;@OverridepublicUserDetailsloadUserByUsername(StringuserName)throwsUsernameNotFoundException{  Useruser=userDao.getUserByName(userName);if(user==null){thrownewUsernameNotFoundException("账户不存在");  }  Set<String>permissions=userDao.getPermissionByUserId(user.getUserId());  user.setPermissions(permissions);returnuser;  }  }3.3.编写配置类,重写WebSecurityConfigurerAdapter类的三个configure方法,也就是重新配置三个对象AuthenticationManagerBuilder,HttpSecurity,WebSecurity。packagecom.lz.hehuorenservice.common.config;importcom.fasterxml.jackson.databind.ObjectMapper;importcom.lz.hehuorenservice.common.bean.CustomAccessDeniedHandler;importcom.lz.hehuorenservice.common.bean.CustomAuthenticationEntryPoint;importcom.lz.hehuorenservice.common.filter.CustomAuthenticationFilter;importcom.lz.hehuorenservice.system.entity.User;importcom.lz.hehuorenservice.system.service.impl.UserServiceImpl;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.context.annotation.Bean;importorg.springframework.context.annotation.Configuration;importorg.springframework.security.authentication.*;importorg.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;importorg.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;importorg.springframework.security.config.annotation.web.builders.HttpSecurity;importorg.springframework.security.config.annotation.web.builders.WebSecurity;importorg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;importorg.springframework.security.core.Authentication;importorg.springframework.security.core.AuthenticationException;importorg.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;importorg.springframework.security.crypto.password.PasswordEncoder;importorg.springframework.security.web.access.AccessDeniedHandler;importorg.springframework.security.web.authentication.AuthenticationFailureHandler;importorg.springframework.security.web.authentication.AuthenticationSuccessHandler;importorg.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;importorg.springframework.security.web.authentication.logout.LogoutHandler;importorg.springframework.security.web.authentication.logout.LogoutSuccessHandler;importorg.springframework.web.cors.CorsUtils;importjavax.servlet.ServletException;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.PrintWriter;importjava.util.HashMap;importjava.util.Map;/**Createbyhyhwebon2021/6/78:26*/@Configuration@EnableGlobalMethodSecurity(prePostEnabled=true,securedEnabled=true)publicclassWebSecurityConfigextendsWebSecurityConfigurerAdapter{  @AutowiredUserServiceImpluserService;//这个必须是接口的实现类,不能是接口@BeanPasswordEncoderpasswordEncoder(){returnnewBCryptPasswordEncoder(10);//returnNoOpPasswordEncoder.getInstance();}/*@Bean  RoleHierarchyroleHierarchy(){  RoleHierarchyImplroleHierarchy=newRoleHierarchyImpl();  //Stringhierarchy="ROLE_dba>ROLE_admin\nROLE_admin>ROLE_user";  Stringhierarchy="ROLE_admin>ROLE_user";  roleHierarchy.setHierarchy(hierarchy);  returnroleHierarchy;  }*/@BeanCustomAuthenticationFiltercustomAuthenticationFilter()throwsException{CustomAuthenticationFilterfilter=newCustomAuthenticationFilter();filter.setAuthenticationSuccessHandler(  newAuthenticationSuccessHandler(){  @OverridepublicvoidonAuthenticationSuccess(HttpServletRequestreq,HttpServletResponseresp,Authenticationauth)throwsIOException,ServletException{Objectprincipal=auth.getPrincipal();  resp.setContentType("application/json;charset=utf-8");PrintWriterout=resp.getWriter();  resp.setStatus(200);Map<String,Object>map=newHashMap<>();map.put("code","1");map.put("success",true);map.put("message","登录成功");Useruser=(User)principal;  user.setUserPassword(null);map.put("data",user);ObjectMapperom=newObjectMapper();  out.write(om.writeValueAsString(map));  out.flush();  out.close();/*resp.setContentType("application/json;charset=utf-8");  PrintWriterout=resp.getWriter();  Map<String,Object>map=newHashMap<String,Object>();  map.put("message","登录成功");  out.write(newObjectMapper().writeValueAsString(map));  out.flush();  out.close();*/}  });filter.setAuthenticationFailureHandler(  newAuthenticationFailureHandler(){  @OverridepublicvoidonAuthenticationFailure(HttpServletRequestreq,HttpServletResponseresp,AuthenticationExceptione)throwsIOException,ServletException{  resp.setContentType("application/json;charset=utf-8");PrintWriterout=resp.getWriter();  resp.setStatus(401);Map<String,Object>map=newHashMap<>();map.put("status",401);if(einstanceofLockedException){map.put("msg","账号被锁定,登录失败");  }elseif(einstanceofBadCredentialsException){map.put("msg","账号或密码输入错误,请重新登录");  }elseif(einstanceofDisabledException){map.put("msg","账号被禁用,登录失败");  }elseif(einstanceofAccountExpiredException){map.put("msg","账号过期,登录失败");  }elseif(einstanceofCredentialsExpiredException){map.put("msg","密码过期,登录失败");  }else{map.put("msg","登录失败");  }ObjectMapperom=newObjectMapper();  out.write(om.writeValueAsString(map));  out.flush();  out.close();/*resp.setContentType("application/json;charset=utf-8");  PrintWriterout=resp.getWriter();  Map<String,Object>map=newHashMap<String,Object>();  map.put("message","登录失败");  out.write(newObjectMapper().writeValueAsString(map));  out.flush();  out.close();*/}  });filter.setAuthenticationManager(authenticationManagerBean());returnfilter;  }  @Overrideprotectedvoidconfigure(AuthenticationManagerBuilderauth)throwsException{  auth.userDetailsService(userService);  }  @BeanpublicAccessDeniedHandlergetAccessDeniedHandler(){returnnewCustomAccessDeniedHandler();  }  @Overridepublicvoidconfigure(WebSecurityweb)throwsException{  web.ignoring()  .antMatchers("/sessionInvalid","/register","/app/**","/login_page")  .antMatchers("/index.html","/static/**","/favicon.ico")  .antMatchers("/swagger-ui/**","/swagger/**","/doc.html","/swagger-resources/**","/images/**","/webjars/**","/v3/api-docs","/configuration/ui","/configuration/security");  }  @Overrideprotectedvoidconfigure(HttpSecurityhttp)throwsException{  http.cors()//开启跨域.and()//获取一个安全编译器.authorizeRequests()//授权请求.requestMatchers(CorsUtils::isPreFlightRequest)  .permitAll()//跨域的请求开放所有权限.anyRequest()//所有请求.authenticated()//所有请求都需要认证.and()  .sessionManagement()  .invalidSessionUrl("/session/invalid")  .and()//获取一个安全编译器.formLogin()//表单登录配置.loginPage("/login_page")//登录页面访问地址.loginProcessingUrl("/login")//配置登录接口地址.usernameParameter("userName")//配置登录的账号字段.passwordParameter("userPassWord")//配置登录密码字段.and()//获取一个安全编译器.logout()//退出登录配置.logoutUrl("/logout")//设置退出登录的接口地址.clearAuthentication(true)//清除所有认证信息.invalidateHttpSession(true)//让session失效.addLogoutHandler(  newLogoutHandler(){//退出登录时的处理器@Overridepublicvoidlogout(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,Authenticationauthentication){}  })  .logoutSuccessHandler(  newLogoutSuccessHandler(){//退出成功后的处理器@OverridepublicvoidonLogoutSuccess(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,Authenticationauthentication)throwsIOException,ServletException{  httpServletResponse.setContentType("application/json;charset=utf-8");PrintWriterout=httpServletResponse.getWriter();Map<String,Object>map=newHashMap<>();map.put("message","退出成功");map.put("code","1");map.put("success",true);ObjectMapperom=newObjectMapper();  out.write(om.writeValueAsString(map));  out.flush();  out.close();  }  })  .permitAll()//设置退出登录的所有权限.and()//获取一个安全编译器.csrf()  .disable()//关闭csrf跨站点请求伪造.exceptionHandling()  .authenticationEntryPoint(newCustomAuthenticationEntryPoint());//自定义认证的入口异常处理方法http.addFilterAt(customAuthenticationFilter(),UsernamePasswordAuthenticationFilter.class);  //重写用户名密码的过滤器,实现前后端分离获取登录的用户名,密码信息http.exceptionHandling().accessDeniedHandler(getAccessDeniedHandler());  //没有权限访问的处理器  }  }
  3.3.1CustomAccessDeniedHandler自定义没权限方法的处理器packagecom.lz.hehuorenservice.common.bean;importcom.fasterxml.jackson.databind.ObjectMapper;importorg.springframework.security.access.AccessDeniedException;importorg.springframework.security.web.access.AccessDeniedHandler;importjavax.servlet.ServletException;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.PrintWriter;importjava.util.HashMap;importjava.util.Map;/**Createbyhyhwebon2021/6/711:50*/publicclassCustomAccessDeniedHandlerimplementsAccessDeniedHandler{  @Overridepublicvoidhandle(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,AccessDeniedExceptione)throwsIOException,ServletException{  httpServletResponse.setContentType("application/json;charset=utf-8");PrintWriterout=httpServletResponse.getWriter();Mapmap=newHashMap<>();map.put("message","权限不足,请联系管理员开通权限");map.put("code",0);map.put("status",403);map.put("success",false);Stringresult=newObjectMapper().writeValueAsString(map);  out.write(result);  out.flush();  out.close();  }  }3.3.2CustomAuthenticationEntryPoint自定义认证的入口packagecom.lz.hehuorenservice.common.bean;importcom.fasterxml.jackson.databind.ObjectMapper;importorg.springframework.security.core.AuthenticationException;importorg.springframework.security.web.AuthenticationEntryPoint;importjavax.servlet.ServletException;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.PrintWriter;importjava.util.HashMap;importjava.util.Map;/**Createbyhyhwebon2021/6/711:42*/publicclassCustomAuthenticationEntryPointimplementsAuthenticationEntryPoint{  @Overridepublicvoidcommence(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,AuthenticationExceptione)throwsIOException,ServletException{  httpServletResponse.setContentType("application/json;charset=utf-8");PrintWriterout=httpServletResponse.getWriter();Mapmap=newHashMap<>();map.put("message","还没登录,请重新登录");map.put("code",302);Stringresult=newObjectMapper().writeValueAsString(map);  out.write(result);  out.flush();  out.close();  }  }3.3.3.CustomAuthenticationFilter自定义packagecom.lz.hehuorenservice.common.filter;importorg.springframework.http.MediaType;importorg.springframework.security.authentication.UsernamePasswordAuthenticationToken;importorg.springframework.security.core.Authentication;importorg.springframework.security.core.AuthenticationException;importorg.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.InputStream;/**Createbyhyhwebon2021/6/712:07*/publicclassCustomAuthenticationFilterextendsUsernamePasswordAuthenticationFilter{@OverridepublicAuthenticationattemptAuthentication(  HttpServletRequestrequest,HttpServletResponseresponse)throwsAuthenticationException{if(request.getContentType().equals(MediaType.APPLICATION_JSON_UTF8_VALUE)  ||request.getContentType().equals(MediaType.APPLICATION_JSON_VALUE)){  UsernamePasswordAuthenticationTokenauthRequest=null;try(InputStreamis=request.getInputStream()){  ObjectMappermapper=newObjectMapper();  Map<String,String>authenticationBean=mapper.readValue(is,Map.class);  authRequest=newUsernamePasswordAuthenticationToken(  authenticationBean.get("userName"),authenticationBean.get("userPassWord"));/*authRequest=  newUsernamePasswordAuthenticationToken(  request.getParameter("userName"),request.getParameter("userPassWord"));*/}catch(IOExceptione){  e.printStackTrace();  authRequest=newUsernamePasswordAuthenticationToken("","");  }finally{  setDetails(request,authRequest);returnthis.getAuthenticationManager().authenticate(authRequest);  }  }else{returnsuper.attemptAuthentication(request,response);  }  }  }4.controller层使用权限注释@PreAuthorize实现权限控制@RestController@RequestMapping("/user")@Api(tags="用户信息")  publicclassUserController{@AutowiredprivateUserServiceuserService;@ApiOperation(value="删除单个对象",notes="删除单个对象接口")@GetMapping("/delete/{id}")@PreAuthorize("hasAuthority('delete')")  publicApiResultdeleteById(@PathVariablelongid){returnuserService.deleteById(id);  }  }附加说明:Spring Security的表达式对象的基类:
  org.springframework.security.access.expression.SecurityExpressionRoot
  在controller的方法中使用注释,如下:
  @PreAuthorize("表达式('权限值')")@PreAuthorize("hasAuthority('zixunguanli-xinzeng')")  publicApiResultadd(@RequestBodyStringjson){returninfoService.add(JSON.parseObject(json,InfoReq.class));  }
  表达式如下:booleanhasAuthority(Stringvar1);booleanhasAnyAuthority(String...var1);booleanhasRole(Stringvar1);booleanhasAnyRole(String...var1);booleanpermitAll();booleandenyAll();booleanisAnonymous();booleanisAuthenticated();booleanisRememberMe();booleanisFullyAuthenticated();booleanhasPermission(Objectvar1,Objectvar2);booleanhasPermission(Objectvar1,Stringvar2,Objectvar3);Spring Security的重构获取用户名和密码的方式,实现前后端分离的json格式,如下:
  重构
  org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter的attemptAuthentication方法
家乡美的画(百位艺术家画出的美丽乡村)家乡美的画(百位艺术家画出的美丽乡村)它平平无奇,没什么名胜建筑经济不发达,村民经济来源大多都是瓜果蔬菜。大部分青年人都走了,村里都是留守的儿童与老年人。但就是这样一个平平无奇的农apk是什么文件(。apk是什么!)apk是什么文件(。apk是什么!)。apk是安卓软件安装包的后缀名,是AndroidPackage的缩写。用户在安卓应用商店下载的软件,都是这个格式。一般来说,用户在安卓文件管理app开发要多少钱(做一个APP开发要投入多少钱?)app开发要多少钱(做一个APP开发要投入多少钱?)1。做一个APP开发要投入多少钱?公司企业在制作一个手机APP应用的时候,一般都是会考虑到这款APP开发的成本,就会经常向一些软做个鼻子多少钱(做鼻子)一个多月前,张女士花了40800块钱,在贵阳观山湖区的艺龄医疗美容做了隆鼻手术。做完手术的这一个月时间,张女士不仅没有感受到鼻子带来的美感,反而是身体接连的出现异常症状让她很痛苦。社区是哪里(怎么知道社区在哪里)编辑导语什么是社区?相信社区对于我们来说并不陌生,但是对于社区的理解每个人都有所不同。本篇作者就结合自己的工作经历,从社区的特征是什么社区的本质是什么社区与社交社群的区别是什么三个通天国际(全国十大跨境电商产业园模式)通天国际(全国十大跨境电商产业园模式)跨境电商产业园的出现是跨境电商行业发展的产物。小编在本文介绍跨境电商产业园的模式,以及全国十大跨境电商产业园的招商优惠政策位置及其规模等情况,三面墙一面空小孩子在当中(13岁识字口诀)三面墙一面空小孩子在当中(13岁识字口诀)13岁识字属于早期识字,可以从2岁左右开始,把要识的字编成口诀,通过儿歌顺口溜的形式,配合以图片或卡片,让孩子轻松地认识汉字,既能展现语文卡巴斯基免费(卡巴斯基免费版发布!)卡巴斯基免费(卡巴斯基免费版发布!)国际知名安全软件卡巴斯基今天放出了个人免费版本,这也是卡巴斯基在PC个人平台上首次免费(此前有免费安卓版)。卡巴斯基表示,免费版采用了与付费个人本钢转债什么时候上市(本钢转债的上市公告)本钢转债什么时候上市(本钢转债的上市公告)关于转债,一个500万人期待的大消息!本钢转债终于要上市了,就在8月4号。目前是8月2号,也就是后天,周二,就要上市。真的等了好久。本钢转西装搭配(搭配西装外套秒变街头潮人)西装搭配(搭配西装外套秒变街头潮人)中性风的着装主打潮流帅气个性。李宇春的机场造型便是围绕这三个特征而展开。一身紫色的印花衬衫充满了街头潮范儿,衣身上的漫画印花图案更显个性潮流,长张扬娃娃(山里娃娃有一个科学梦)张扬娃娃(山里娃娃有一个科学梦)孩子们的梦想树我的梦想是做一名科学老师,把知识传递下去,帮助很多小朋友实现自己的梦想。尽管自己还是一名孩子,来自开州区大进镇中心小学的邓红英却有了这
<<<<<<>>>>>>
湖南卫视2009跨年演唱会(创造营18人湖南卫视跨年)湖南卫视2009跨年演唱会(创造营18人湖南卫视跨年)每年各家卫视的跨年演唱会是很多处在上升期的歌手都会极力争取的一个舞台,对于刚出道的选秀歌手更是如此。创造营2019作为2019诺基亚n82主题(梦回诺基亚辉煌年代)诺基亚n82主题(梦回诺基亚辉煌年代)如今诺基亚移动通信部门已经被微软蚕食,并且诺基亚的品牌LOGO也暂时不会在手机新品露出,梦回当年N系列街机年代,诺基亚手机的普及率犹如当今的i珠海酒店(揭秘珠海十大豪华酒店)珠海酒店(揭秘珠海十大豪华酒店)近年来,全国新开业的酒店遍地开花中国市场上的奢华酒店品牌越来越多因此,国内最贵的酒店也在不断刷新在中国最贵的十大酒店排行里住一晚有高达33万的真是贫程序正当原则(房屋征收要程序正当!)程序正当原则(房屋征收要程序正当!)房屋征收要程序正当!程序正当是指在房屋征收工作中,政府要严格遵循法定程序,依法保障行政管理相对人利害关系人的知情权参与权和救济权,也就是说,房屋泰戈尔生如夏花(生如夏花般绚烂)泰戈尔生如夏花(生如夏花般绚烂)光阴飞逝,一晃已是立夏,我们终于把夏天盼来了。夏天就是这样,不等春天暖透,便风风火火地来了,来给予万物肆意生长的力量。过了立夏,万物才真的直立起来。刻一个假章多少钱(刻公章为啥这么贵?)刻一个假章多少钱(刻公章为啥这么贵?)刻章为什么这么贵?刻个章要500块?刻章店黑我?问了好几家都差不多一样贵呀!因为刻章不是随随便便哪里都能刻的,要到在公安局备案过的指定印章店。返利网怎么样(返利网虚假宣传)返利网怎么样(返利网虚假宣传)近日,有诸多用户在网络投诉平台称,返利网存在虚假宣传恶意扣费。据黑猫投诉聚投诉平台显示,返利网目前投诉量高达4629条,其中虚假宣传返利不兑现自动会员刘备义子!(刘备的义子刘封是一员猛将!)刘备义子!(刘备的义子刘封是一员猛将!)作者许云辉公元220年7月,蜀汉叛将孟达率所部降魏后,调转枪口随魏军攻打由刘备义子刘封占据的上庸(今湖北竹山县西南)。刘封拒绝孟达劝降后,西人肉什么意思(人肉快递是什么意思)来源中国侨网中国侨网10月24日电据西班牙联合时报公众号消息,相信对于不少西班牙侨胞们来说,找人带物或者帮人带物是最熟悉不过的事情,如今在西班牙各论坛以及群里,都有不少华人提供回国瑞兹符文(人马瑞兹强势称雄)瑞兹符文(人马瑞兹强势称雄)11。11版本已经正式到来,全新的版本又有各种英雄遭到了不同程度的增强与削弱。喜获加强的英雄将会是新版本上分的不错之选,下面我们就来看看当前喜获加强的三活着是一种修行!(活着,就是一场修行!)活着是一种修行!(活着,就是一场修行!)活着,就是一场修行,无论生活有多么的困难,都要坚强地抬头挺胸,人生是一场醒悟,不要沉浸于昨天,不要总是遥望明天,只要好好把握今天。认真的活在