Spring Security入门小Demo

今天学习了Spring Security 安全控制框架，总结一个入门小Demo。

---

一、Spring Security简介  

Spring Security是一个能够为基于Spring的企业应用系统提供声明式的安全访问控制解决方案的安全框架。它提供了一组可以在Spring应用上下文中配置的Bean，充分利用了Spring IoC，DI（控制反转Inversion of Control ,DI:Dependency Injection 依赖注入）和AOP（面向切面编程）功能，为应用系统提供声明式的安全访问控制功能，减少了为企业系统安全控制编写大量重复代码的工作。

二、搭建Maven项目 

点击Finish

三、引入pom.xml文件

  4.0.0
  DaoGangUP
  spring-security-demo
  0.0.1-SNAPSHOT
  war
  
		4.2.5.RELEASE
	
	
		
			org.springframework
			spring-context
			${spring.version}
		
		
			org.springframework
			spring-beans
			${spring.version}
		
		
		
			org.springframework
			spring-core
			${spring.version}
		
		
			org.springframework
			spring-web
			${spring.version}
		
		
			org.springframework
			spring-webmvc
			${spring.version}
		
		
			org.springframework
			spring-context-support
			${spring.version}
		
		
			org.springframework
			spring-test
			${spring.version}
		
		
			org.springframework
			spring-jdbc
			${spring.version}
		
		
			org.springframework.security
			spring-security-web
			4.1.0.RELEASE
		
		
			org.springframework.security
			spring-security-config
			4.1.0.RELEASE
		
		
			javax.servlet
			servlet-api
			2.5
			provided
		
	
	
	  		
	      
		  
				org.apache.maven.plugins
				maven-compiler-plugin
				3.5
				
					1.8
					1.8
					UTF-8
				
		        
	      
				org.apache.tomcat.maven
				tomcat7-maven-plugin
				
					
					9090
					
					/
				
	  	  
	     
    
  

四、web.xml

		
  	 
		contextConfigLocation
		classpath:spring-security.xml
	 
	 
		
			org.springframework.web.context.ContextLoaderListener
		
	 	
	   
		springSecurityFilterChain  		 
		org.springframework.web.filter.DelegatingFilterProxy  
	   
	   
		springSecurityFilterChain  
		/*  
	 	

五、spring-security.xml

六、Service层

package spring.security.service;

import java.util.ArrayList;
import java.util.List;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;


/**
 * 认证类
 * @author Administrator
 *
 */
public class UserDetailsServiceImpl implements UserDetailsService{

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		
		//后台接收 用户输入的用户名 经过数据库校验 这里就不校验了
		
		List grantedAuthorities = new ArrayList<>();
		grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));

		return new User("admin", "123", grantedAuthorities);
	}

}

七、login.html

	
	

		

			

				
用户名:
				

			
			

				
密码:
				

			
			

				

			
		
	

八、启动程序，在页面测试数据就可以看到效果了。