Home > Others

Safety of SPRINGMVC (ii) Login interface

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

In this section, we will divide the previous Seurityconfiguration class into the following two:

1) Apisecurityconfiguration: This is the first to be laid out. This ensures restful use of basic authentication.

2) Websecurityconfiguration: This is the layout reset login page.

1. Apisecurityconfiguration

We delete the previous seurityconfiguration, and then add the Apisecurityconfiguration class under the same package, adding the following code:

Package Masterspringmvc6.config;import Org.springframework.beans.factory.annotation.autowired;import Org.springframework.context.annotation.configuration;import Org.springframework.core.annotation.order;import Org.springframework.http.httpmethod;import Org.springframework.security.config.annotation.authentication.builders.authenticationmanagerbuilder;import Org.springframework.security.config.annotation.method.configuration.enableglobalmethodsecurity;import Org.springframework.security.config.annotation.web.builders.httpsecurity;import org.springframework.security.config.annotation.web.configuration.websecurityconfigureradapter;/** * Basic permission settings, About user Permissions * Created by Owenwilliam on 2016/5/21. */@Configuration @order (1)//First Execute public class Apisecurityconfiguration extends websecurityconfigureradapter{/** * this     is the database extraction match. * Here we specify a fixed user name and password * @param auth * @throws Exception */@Autowired public void Configureauth (Authenticat  Ionmanagerbuilder auth) throws Exception  {auth.inmemoryauthentication (). Withuser ("user"). Password ("user"). Roles ("User"). and (). Withuser ("A    DMin "). Password (" admin "). Roles (" USER "," admin "); }/** * Specifies what kind of roles can be manipulated * e.g., user can only view, admin has crud * @param http * @throws Exception */@Overrid                e protected void Configure (Httpsecurity http) throws Exception {http. Antmatcher ("/api/**") . Httpbasic (). and (). CSRF (). Disable (). Authorizerequests (). ANTMATC Hers (Httpmethod.get). Hasrole ("USER"). Antmatchers (Httpmethod.post). Hasrole ("ADMIN"). ANTMATC Hers (httpmethod.put). Hasrole ("admin"). Antmatchers (Httpmethod.delete). Hasrole ("admin"). Anyr    Equest (). authenticated (); }}

2. Websecurityconfiguration

Under the same package, add the following code:


package Masterspringmvc6.config;import Org.springframework.context.annotation.configuration;import Org.springframework.security.config.annotation.web.builders.httpsecurity;import org.springframework.security.config.annotation.web.configuration.websecurityconfigureradapter;/** * Login permissions, Address like URI * Created by Owenwilliam on 2016/5/21.  */@Configurationpublic class Websecurityconfiguration extends websecurityconfigureradapter{@Override protected void               Configure (Httpsecurity http) throws Exception {http. Formlogin (). LoginPage ("/login")               . Defaultsuccessurl ("/profile"). and (). Logout (). Logoutsuccessurl ("/login") . and (). Authorizerequests (). Antmatchers ("/webjars/**", "/login", "/signin/**", "/sig    Nup "). Permitall (). Anyrequest (). authenticated (); }}

The above code is already the size of the login page to reset to the Login View page. So we also need to add a view page. When we join the view page, we need to define a controller to let the controller invoke the view.

Add the Logincontroller class under Authentication's package.

Package Masterspringmvc6.authentication;import Org.springframework.stereotype.controller;import org.springframework.web.bind.annotation.requestmapping;/** * User Normal login * Created by Owenwilliam on 2016/5/21. */@Controllerpublic class Logincontroller {    @RequestMapping ("/login") public    String authenticate ()    {         return "login";    }}
3. View interface

OK, let's add a login.html now.

<! DOCTYPE html>4. Summary
This chapter of the study, we mainly optimize the content of the previous section, we define a login page, this page is more suitable for our system. At the same time, we divide the seurityconfiguration into two, can say Apiseurityconfiguration is the API, and Webseurityconfiguration is we visit the site when the page jumps. Finally, our login page is as follows.

Source Download: [Email Protected]:owenwilliam/masterspringmvc6.git




Safety of SPRINGMVC (ii) Login interface

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
definition of interface what definition of interface uses of interface concept of interface what meaning of interface instance of interface practical use of interface

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More