一、原有的配置文件中,增加注解@EnableGlobalMethodSecurity(prePostEnabled = true)
二、原有配置文件中,内存新建账号的时候添加角色
package Eleven.config; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; @Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("admin").password(passwordEncoder().encode("123456")).roles("admin");
auth.inMemoryAuthentication().withUser("user").password(passwordEncoder().encode("123456")).roles("normal");
}
}
三、controller里面不同路径授予不同角色访问
package Eleven.controller; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController; @RestController
public class AuthenticationTestController { @GetMapping("/user")
@PreAuthorize("hasAnyRole('normal')")
public String helloWorld(){
return "This is a user page!";
} @GetMapping("/admin")
@PreAuthorize("hasAnyRole('admin')")
public String getAdminInfo(){
return "This is Admin page!";
} }