代码拉取完成,页面将自动刷新
有任何问题欢迎邮件我或者发issues
-参考:-
https://mp.weixin.qq.com/s?__biz=MzAxODcyNjEzNQ==&mid=2247484574&idx=1&sn=0984db0da3dc0efda956fa0aaeabe479&chksm=9bd0a906aca7201028da742819b4f5b78c8c4768bd88237ffd54c5c818afec0f7af47b1d45eb#rd
http://www.spring4all.com/article/428
https://www.cnblogs.com/x113773/p/7160203.html
http://www.mkyong.com/spring-security/spring-security-remember-me-example/
https://www.cnblogs.com/softidea/p/5991897.html
security
- 参照spring security reference写的一个简单demo,没有参考价值,可以略过
security-ajax
- 抛弃默认登录方式,使用ajax方式登录,因此自定义增加了AuthenticationSuccessHandler和AuthenticationFailureHandler用来返回自定义json
/**
* @author dongsilin
* @version 2018/4/8.
* 登陆成功后的处理
*/
@Slf4j
@Component
public final class CustomAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
log.info("*******************AuthenticationSuccessHandler");
WebUtil.output(response, RestResponse.buildSuccess(), WebUtil.ResponseOutputType.JSON);
}
}
/**
* @author dongsilin
* @version 2018/4/8.
* 登陆失败后的处理
*/
@Slf4j
@Component
public final class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
log.info("*******************AuthenticationFailureHandler");
if (e instanceof CaptchaAuthenticationException) {
WebUtil.output(response, RestResponse.buildFail(e.getMessage()), WebUtil.ResponseOutputType.JSON);
} else if (e instanceof UsernameNotFoundException) {
WebUtil.output(response, RestResponse.buildFail("用户名不存在"), WebUtil.ResponseOutputType.JSON);
} else if (e instanceof BadCredentialsException) {
WebUtil.output(response, RestResponse.buildFail("密码错误"), WebUtil.ResponseOutputType.JSON);
} else {
WebUtil.output(response, RestResponse.buildFail("操作失败"), WebUtil.ResponseOutputType.JSON);
}
}
}
- 默认情况下DaoAuthenticationProvider会丢弃UsernameNotFoundException(用户名错误),原因在于其参数hideUserNotFoundExceptions=true,把UsernameNotFoundException给hide掉了,请看如下源码。因此自定义AuthenticationProvider继承自DaoAuthenticationProvider,把hideUserNotFoundExceptions改为false
//org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider 第62行
try {
user = this.retrieveUser(username, (UsernamePasswordAuthenticationToken)authentication);
} catch (UsernameNotFoundException var6) {
this.logger.debug("User \'" + username + "\' not found");
if(this.hideUserNotFoundExceptions) {
throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}
throw var6;
}
@Slf4j
@Component
public final class CustomAuthenticationProvider extends DaoAuthenticationProvider {
@Autowired
private UserDetailsService userDetailsService;
@PostConstruct
public void init() {
setUserDetailsService(userDetailsService);
setPasswordEncoder(new BCryptPasswordEncoder(8));
setHideUserNotFoundExceptions(false);
}
}
- 增加登录验证码校验Filter: CustomCaptchaVerifyFilter,见项目代码
security-ajax-rememberme
- 在security-ajax中增加rememberme功能
- 提供RememberMeAuthenticationFilter bean和RememberMeAuthenticationProvider bean
- 在CustomCaptchaVerifyFilter中设置rememberMeServices:setRememberMeServices(rememberMeServices)
- 详细代码请clone再查看
oauth2
- 待完善
oauth2-sso-server
- 待完善
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
1. 开源生态
2. 协作、人、软件
3. 评估模型