[Java知识库]Springsecuri设置登录账号密码

Springsecuri设置登录账号密码
1：通过配置文件（properties或者yml）spring.security.user.name或者password
2：通过配置类设置@Configuration+extends WebSecurityConfigurerAdapter
auth.inMemoryAuthentication().withUser(“ysq”).password(new BCryptPasswordEncoder(“123456”)).roles(“admin”);
3：自定义编写实现类，继承WebSecurityConfigurerAdapter,auth.userDetailsService(UserDetailsService的实现类).passwordEncoder(new BCryptPasswordEncoder());

@Component
public class CustomSecurityDetails implements UserDetailsService {

    private UserService userService;

//    public CustomSecurityDetails(UserService userService) {
//        this.userService = userService;
//    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

//        SysUser sysUser = userService.findByUserName(username);
//
//        User.UserBuilder userBuilder = User.builder()
//                .username(sysUser.getName())
//                .password(sysUser.getPassword());
//        List<String> roles = new ArrayList<String>();
        List<GrantedAuthority> authors = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
        if (!"jxx".equals(username)) {
            throw new UsernameNotFoundException("用户名或密码错误");
        }
        System.out.println(username);
        return new User("jxx",new BCryptPasswordEncoder().encode("1234568"),authors);
    }

DaoAuthenticationProvider 这个里面有个additionalAuthenticationChecks实现方法，里面根本没有验证账户，只验证的密码。所以在测试自定义编写实现类时加入了对用户名的判断。
以上只提供参考方法，实际开发肯定是要去数据库查询数据的。也就是在loadUserByUsername去数据库查询出数据再匹配。