Developing Enterprise-Grade Authentication and Authorization with the Spring Security Technology Stack (1): Environment Setup
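Spring Security is a security framework that provides a declarative access-control solution for Spring-based enterprise applications. It provides a set of beans that can be configured in the Spring application context, and it makes full use of Spring's IoC (Inversion of Control), DI (Dependency Injection) and AOP (aspect-oriented programming) features to give applications declarative access control, reducing the amount of repetitive security code that has to be written for enterprise systems.
This post records my study of developing enterprise-grade authentication and authorization with the Spring Security technology stack. Its main content is setting up the environment.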
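1. Project structure
The figure below shows how the project is organized. lemon-security is the aggregator project, with pom packaging; the other four projects are all child modules of lemon-security, with jar packaging.
The role of each project is briefly described below: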
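Project | Role |
---|---|
lemon-security | Aggregator project; mainly controls the versions of the dependencies the whole project needs |
lemon-security-core | Core module for authentication and authorization |
lemon-security-browser | Authentication and authorization module for browser clients; depends on the lemon-security-core module |
lemon-security-app | Authentication and authorization module for mobile clients; depends on lemon-security-core |
lemon-security-demo | Demo module; depends on the lemon-security-browser and lemon-security-app modules |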
2. Dependencies
The pom of lemon-security:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.lemon.security</groupId>
    <artifactId>lemon-security</artifactId>
    <version>1.0.0-SNAPSHOT</version>
    <modules>
        <module>../lemon-security-core</module>
        <module>../lemon-security-browser</module>
        <module>../lemon-security-app</module>
        <module>../lemon-security-demo</module>
    </modules>
    <packaging>pom</packaging>
    <description>Spring Security技術棧開發企業級認證與授權POM專案</description>
    <properties>
        <lemon.security.version>1.0.0-SNAPSHOT</lemon.security.version>
    </properties>
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>io.spring.platform</groupId>
                <artifactId>platform-bom</artifactId>
                <version>Brussels-SR7</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>Edgware.SR2</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>
    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.7.0</version>
                <configuration>
                    <source>1.8</source>
                    <target>1.8</target>
                    <encoding>UTF-8</encoding>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>
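This pom file is mainly about version management: it imports the Spring platform's version management and Spring Cloud's version management. The whole project is developed on Spring Boot.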
The pom of lemon-security-core:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>com.lemon.security</groupId>
        <artifactId>lemon-security</artifactId>
        <version>1.0.0-SNAPSHOT</version>
        <relativePath>../lemon-security</relativePath>
    </parent>
    <artifactId>lemon-security-core</artifactId>
    <version>1.0.0-SNAPSHOT</version>
    <packaging>jar</packaging>
    <description>Spring Security技術棧開發企業級認證與授權CORE專案</description>
    <dependencies>
        <!-- Key dependency for app (mobile client) security authentication -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-oauth2</artifactId>
        </dependency>
        <!-- Session storage dependency; not needed for now, so it is commented out -->
        <!--<dependency>-->
        <!--<groupId>org.springframework.boot</groupId>-->
        <!--<artifactId>spring-boot-starter-data-redis</artifactId>-->
        <!--</dependency>-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
        </dependency>
        <!-- Key dependencies for third-party login -->
        <dependency>
            <groupId>org.springframework.social</groupId>
            <artifactId>spring-social-config</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.social</groupId>
            <artifactId>spring-social-core</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.social</groupId>
            <artifactId>spring-social-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.social</groupId>
            <artifactId>spring-social-web</artifactId>
        </dependency>
        <!-- Utility dependencies -->
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
        </dependency>
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-collections4</artifactId>
            <version>4.1</version>
        </dependency>
        <dependency>
            <groupId>commons-beanutils</groupId>
            <artifactId>commons-beanutils</artifactId>
        </dependency>
    </dependencies>
</project>
The pom of lemon-security-browser:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>com.lemon.security</groupId>
        <artifactId>lemon-security</artifactId>
        <version>1.0.0-SNAPSHOT</version>
        <relativePath>../lemon-security</relativePath>
    </parent>
    <artifactId>lemon-security-browser</artifactId>
    <version>1.0.0-SNAPSHOT</version>
    <packaging>jar</packaging>
    <description>Spring Security技術棧開發企業級認證與授權瀏覽器專案</description>
    <dependencies>
        <dependency>
            <groupId>com.lemon.security</groupId>
            <artifactId>lemon-security-core</artifactId>
            <version>${lemon.security.version}</version>
        </dependency>
        <!-- Key dependency for browser-side session management -->
        <dependency>
            <groupId>org.springframework.session</groupId>
            <artifactId>spring-session</artifactId>
        </dependency>
    </dependencies>
</project>
The pom of lemon-security-app:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>com.lemon.security</groupId>
        <artifactId>lemon-security</artifactId>
        <version>1.0.0-SNAPSHOT</version>
        <relativePath>../lemon-security</relativePath>
    </parent>
    <artifactId>lemon-security-app</artifactId>
    <version>1.0.0-SNAPSHOT</version>
    <packaging>jar</packaging>
    <description>Spring Security技術棧開發企業級認證與授權移動端專案</description>
    <dependencies>
        <dependency>
            <groupId>com.lemon.security</groupId>
            <artifactId>lemon-security-core</artifactId>
            <version>${lemon.security.version}</version>
        </dependency>
    </dependencies>
</project>
The pom of lemon-security-demo:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>com.lemon.security</groupId>
        <artifactId>lemon-security</artifactId>
        <version>1.0.0-SNAPSHOT</version>
        <relativePath>../lemon-security</relativePath>
    </parent>
    <artifactId>lemon-security-demo</artifactId>
    <version>${lemon.security.version}</version>
    <packaging>jar</packaging>
    <description>Spring Security技術棧開發企業級認證與授權案例專案</description>
    <dependencies>
        <!-- Browser-side security development is studied first -->
        <dependency>
            <groupId>com.lemon.security</groupId>
            <artifactId>lemon-security-browser</artifactId>
            <version>${lemon.security.version}</version>
        </dependency>
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>druid-spring-boot-starter</artifactId>
            <version>1.1.9</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <!-- Spring Boot application packaging plugin -->
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <version>1.5.10.RELEASE</version>
                <executions>
                    <execution>
                        <goals>
                            <goal>repackage</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>
</project>
3. Writing the Spring Boot application entry point
In the package com.lemon.security.web.application, write MainApplication.java as follows:
package com.lemon.security.web.application;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.ComponentScan;

/**
 * @author lemon
 * @date 2018/3/18 5:44 PM
 */
@SpringBootApplication
@ComponentScan(basePackages = {"com.lemon.security"})
public class MainApplication {

    public static void main(String[] args) {
        SpringApplication.run(MainApplication.class, args);
    }
}
Then, in the package com.lemon.security.web.controller, write a DemoController.java as follows:
package com.lemon.security.web.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * @author lemon
 * @date 2018/3/18 5:46 PM
 */
@Controller
public class DemoController {

    @GetMapping("/hello")
    @ResponseBody
    public String hello() {
        return "Hello Spring Security";
    }
}
Of course, a Spring Boot configuration file is also needed, with the following content:
spring:
  profiles:
    active: dev
---
spring:
  profiles: dev
  # Database configuration
  datasource:
    driverClassName: com.mysql.jdbc.Driver
    url: jdbc:mysql://localhost:3306/spring-security?characterEncoding=utf-8&useSSL=false
    username: root
    password: 123456
    # Configure the Druid connection pool
    type: com.alibaba.druid.pool.DruidDataSource
server:
  port: 8080
Just change the database connection settings above to your own.
Now run the Spring Boot main method; it fails with the following error:
Caused by: java.lang.IllegalArgumentException: No Spring Session store is configured: set the 'spring.session.store-type' property
This happens because the Spring Session dependency was added in lemon-security-core but no session store was configured. Adding the following to the Spring Boot configuration file fixes it:
spring:
  session:
    store-type: none
The complete configuration file is:
spring:
  profiles:
    active: dev
---
spring:
  profiles: dev
  # Database configuration
  datasource:
    driverClassName: com.mysql.jdbc.Driver
    url: jdbc:mysql://192.168.25.133:3306/spring-security?characterEncoding=utf-8&useSSL=false
    username: root
    password: caifutong122819
    # Configure the Druid connection pool
    type: com.alibaba.druid.pool.DruidDataSource
  # Configure the session store type; this feature is switched off for now
  session:
    store-type: none
server:
  port: 8080
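Restart the application and it now starts normally. Opening http://localhost:8080/hello in the browser shows that a username and password are required before the hello method of DemoController can be reached. This is Spring Security's default configuration in a Spring Boot environment: a method can only be accessed after authentication. As shown in the figure:
Since this is an early-stage environment, authentication can be switched off for the time being, which only takes one setting in the configuration file:
# First, turn authentication off
security:
  basic:
    enabled: false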
Restart the application again and open http://localhost:8080/hello in the browser; it now displays Hello Spring Security.
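An added example, not the author's configuration: the same application.yml laid out so that the two relaxed settings from this post (security.basic.enabled: false and session store-type: none) live in the dev profile document, and the database credentials are read from environment variables instead of being written into the file. The prod profile and the variable names DB_URL, DB_USER and DB_PASSWORD are assumptions made for illustration.

```yaml
# Added example; not the author's file.
# Assumed names: the prod profile, and the DB_URL / DB_USER / DB_PASSWORD
# environment variables.
spring:
  profiles:
    active: dev   # default profile; override with --spring.profiles.active=prod
---
spring:
  profiles: dev
  datasource:
    driverClassName: com.mysql.jdbc.Driver
    url: jdbc:mysql://localhost:3306/spring-security?characterEncoding=utf-8&useSSL=false
    # Credentials come from the environment, not from the committed file
    username: ${DB_USER}
    password: ${DB_PASSWORD}
    type: com.alibaba.druid.pool.DruidDataSource
  session:
    store-type: none
# Authentication is switched off in the dev profile document only
security:
  basic:
    enabled: false
server:
  port: 8080
---
spring:
  profiles: prod
  datasource:
    driverClassName: com.mysql.jdbc.Driver
    url: ${DB_URL}
    username: ${DB_USER}
    password: ${DB_PASSWORD}
    type: com.alibaba.druid.pool.DruidDataSource
  session:
    store-type: none
# security.basic.enabled is not set here, so Spring Boot's default
# (authentication required) stays in effect
server:
  port: 8080
```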
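Sample code download:
The project has been uploaded to Gitee (碼雲) and is available for download; the content for this post is in the folder chapter001.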