- Classes that overwrite Auto-configuration
- Dynamic configuration with external properties "this article"
- Customizing the Error page "second article"
The automatic configuration of Spring boot can save a lot of uninteresting configuration work, but not all automatic configuration can meet the requirements. For example, when you link a database, you need to use some or-mapping middleware, such as security-related configurations that require custom development and configuration for scenarios/applications/services that are not used, or that require different branching decisions based on different runtime conditions, and so on. So sping Boot provides two basic ways to allow the developer to make customized changes to the existing self-buddha configuration: Configure overwrite, fine-grained external attribute configuration. "Explicit configuration overrides, fine-grained configuration with properties"
Overwrite (override) The automatic configuration of Spring Boot
The overwrite configuration can be configured in any way that Spring supports: XML, Groovy scripts, Java code, and so on. The configuration of Java code is used here. Websecurityconfigureradapter provided an entrance to the securityconfig. Make the assumption that: (1) only the login page to do login verification, the other pages do not check; (2) login account and password is User-password; (3) The role of login is user.
First, define a controller in response to the HTTP request. Respond to HTTP requests such as logging in, viewing login status, logging out, and so on.
Importorg.springframework.beans.factory.annotation.Autowired;ImportOrg.springframework.stereotype.Controller;Importorg.springframework.web.bind.annotation.RequestMapping; @Controller Public classHellocontroller {@AutowiredPrivatereaderrepository readerrepository; @RequestMapping (Value= "/adduser") PublicString AddUser () {//add a user to the databaseReader reader =NewReader (); Reader.setfullname ("Pa"); Reader.setpassword ("Password"); Reader.setusername ("User"); Readerrepository.save (reader); return"Index"; } @RequestMapping ("/") PublicString Index () {Readerrepository.saveandflush (NewReader ("User", "password", "password"))); return"Index"; } @RequestMapping ("/hello") PublicString Hello () {return"Hello"; } @RequestMapping ("/login") PublicString Login () {return"Login"; }}
To implement the self-configuring security check is implemented by inheriting and overwrite the Websecurityconfigueradapter class, specifying the class that needs to be checked for security, specifying the data for verification, etc., the code is as follows:
Packagereadinglist;Importorg.springframework.beans.factory.annotation.Autowired;Importorg.springframework.context.annotation.Configuration;ImportOrg.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;Importorg.springframework.security.config.annotation.web.builders.HttpSecurity;Importorg.springframework.security.config.annotation.web.configuration.EnableWebSecurity;ImportOrg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;Importorg.springframework.security.core.userdetails.UserDetails;ImportOrg.springframework.security.core.userdetails.UserDetailsService;Importorg.springframework.security.core.userdetails.UsernameNotFoundException, @Configuration @enablewebsecurity// This annotation enables the validation of custom security configuration security based on the logic of the Annotated class Public classWebsecurityconfigextendsWebsecurityconfigureradapter {@AutowiredPrivatereaderrepository readerrepository; @Overrideprotected voidConfigure (Httpsecurity http)throwsException {http. authorizerequests (). Antmatchers ("/"). Permitall ()//"/" does not perform a security check at this path. Anyrequest (). Authenticated ()//Other paths need to be verified. and () . Formlogin (). LoginPage ("/login")//Default login page. Permitall (). and (). Logout (). Perm Itall (); }
Here to check the login, through the database for the user name and password verification @Overrideprotected voidConfigure (Authenticationmanagerbuilder auth)throwsException {auth. Userdetailsservice (NewUserdetailsservice () {@Override Publicuserdetails Loaduserbyusername (String username)throwsusernamenotfoundexception {returnReaderrepository.findone (username); } }); } Public voidsetreaderrepository (readerrepository readerrepository) { This. Readerrepository =readerrepository; }}
The above is the core code. The other way of self-configuration is basically the same.
Helper code: The definition of Reader.
Packagereadinglist;Importjava.util.Arrays;Importjava.util.Collection;Importjavax.persistence.Entity;Importjavax.persistence.Id;Importorg.springframework.security.core.GrantedAuthority;Importorg.springframework.security.core.authority.SimpleGrantedAuthority;Importorg.springframework.security.core.userdetails.UserDetails; @Entity Public classReaderImplementsUserdetails {Private Static Final LongSerialversionuid = 1L; @Id PublicString username; PublicString fullname; PublicString password; @Override Publiccollection<?extendsGrantedauthority>getauthorities () {returnArrays.aslist (NewSimplegrantedauthority ("USER")); } @Override Public Booleanisaccountnonexpired () {return true; } @Override Public Booleanisaccountnonlocked () {return true; } @Override Public Booleaniscredentialsnonexpired () {return true; } @Override Public Booleanisenabled () {return true; } PublicString GetUserName () {returnusername; } Public voidSetusername (String username) { This. Username =username; } PublicString Getfullname () {returnfullname; } Public voidSetfullname (String fullname) { This. FullName =fullname; } PublicString GetPassword () {returnpassword; } Public voidSetPassword (String password) { This. Password =password; }}
Repository's Code:
Package readinglist; Import org.springframework.data.jpa.repository.JpaRepository; Public Interface extends Jparepository<reader, string> {}
Spring Boot. 4--Custom Spring Boot configuration