Security management framework, both Shiro and SpringSecurity are both rigid existence.

Compared to Shiro, it is more troublesome to integrate Spring Security in SSM/SSH. Therefore, although Spring Security is stronger than Shiro, there is no shiro (Shiro’s functions do not have Spring Security, but most of most of the most for most of them, but most of most of them are most of them, but most of most of them are most of the most parts. For the project, Shiro is enough).

but after SpringBoot comes out, you can configure the integration of SpringSecurity. It is not too convenient.
Not much nonsense, let’s start learning integration below

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

@RestController
public class HelloController
{
    @GetMapping("/hello")
    public String hello() {
        return "Hello";
    }
}

Visit http: // localhost: 8080/hello will automatically jump to the login page
default username user
The default password is displayed in the console

spring.security.user.name=user
spring.security.user.password=123
spring.security.user.roles=admin

Newly built a SecurityConfig .java class

@Configuration 
 Public Class SecurityConfig EXTENDS WebSecurityCONFIGURERADAPTER 
 {{ 
     // Remove Spring5 The limit of encryption of password encryption 
     @Bean 
     PasswordEncoder passwordEncoder () {) {) 
         return nooppasswordEncoder.getInstance (); 
     } 
     // The second type: configure the user name and password in the code 
     @Override 
     Protected void configure (AuthenticationManagerBuilder Auth) Throws Exception 
     {{ 
         auth.inmemoryAuthentication () 
                 .withuser ("terry"). Password ("123"). ROLES ("admin") 
                 .and ()) 
                 .withuser ("tt"). Password ("456"). ROLES ("User"); 
     } 
 }

@Configuration 
 Public Class SecurityConfig EXTENDS WebSecurityCONFIGURERADAPTER 
 {{ 
     // Remove Spring5 The limit of encryption of password encryption 
     @Bean 
     PasswordEncoder passwordEncoder () {) {) 
         return nooppasswordEncoder.getInstance (); 
     } 
     // The second type: configure the user name and password in the code 
     @Override 
     Protected void configure (AuthenticationManagerBuilder Auth) Throws Exception 
     {{ 
         auth.inmemoryAuthentication () 
                 .withuser ("terry"). Password ("123"). ROLES ("admin") 
                 .and ()) 
                 .withuser ("tt"). Password ("456"). ROLES ("User"); 
     } 

     // httpsecurity configuration 
     @Override 
     Protected void configure (HTTPSECURITY) Throws Exception 
     {{ 
         http.authorizrequests () 
                 .sTMATCHERS ("/Admin/**"). Hasrole ("admin") 
                 . Orter ("/User/**"). HasanyRole ("admin", "user") 
                 //.antmatches 18 
                 .anyRequest (). Authenticated () 
                 .and ()) 
                 .formlogin () 
                 .loginProcessingurl ("/DOLOGIN") 
                 . Permitall () 
                 .and ()) 
                 .csrf (). Disable (); // Use postman to prevent being considered CSRF attack 
     } 
 }

@RequestMapping("/admin/hello")
public String admin(){
    return "Hello admin";
}

@RequestMapping("/user/hello")
public String user(){
    return "hello user";
}