{"id":1214665,"date":"2025-02-18T05:25:35","date_gmt":"2025-02-17T21:25:35","guid":{"rendered":"https:\/\/docs.pingcode.com\/ask\/ask-ask\/1214665.html"},"modified":"2025-02-18T05:25:38","modified_gmt":"2025-02-17T21:25:38","slug":"java%e9%a1%b9%e7%9b%ae%e4%b8%ad%e6%80%8e%e4%b9%88%e5%81%9a%e6%9d%83%e9%99%90%e7%ae%a1%e7%90%86","status":"publish","type":"post","link":"https:\/\/docs.pingcode.com\/ask\/1214665.html","title":{"rendered":"java\u9879\u76ee\u4e2d\u600e\u4e48\u505a\u6743\u9650\u7ba1\u7406"},"content":{"rendered":"

\"java\u9879\u76ee\u4e2d\u600e\u4e48\u505a\u6743\u9650\u7ba1\u7406\"<\/p>\n

\u5728Java\u9879\u76ee\u4e2d\u8fdb\u884c\u6743\u9650\u7ba1\u7406\u53ef\u4ee5\u901a\u8fc7<\/strong>\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u5206\u914d\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u8ba4\u8bc1\u548c\u6388\u6743\u3001\u65e5\u5fd7\u5ba1\u8ba1\u7b49\u65b9\u5f0f\u6765\u5b9e\u73b0\u3002\u4e0b\u9762\u6211\u5c06\u8be6\u7ec6\u4ecb\u7ecd\u5176\u4e2d\u7684\u4e00\u79cd\u65b9\u5f0f\u2014\u2014\u901a\u8fc7Spring Security\u8fdb\u884c\u6743\u9650\u7ba1\u7406\u7684\u65b9\u6cd5\u3002<\/p>\n<\/p>\n

\u4e00\u3001\u89d2\u8272\u7ba1\u7406<\/p>\n<\/p>\n

\u5728\u6743\u9650\u7ba1\u7406\u4e2d\uff0c\u89d2\u8272\u662f\u4e00\u4e2a\u975e\u5e38\u91cd\u8981\u7684\u6982\u5ff5\u3002\u89d2\u8272\u662f\u6743\u9650\u7684\u96c6\u5408\uff0c\u4e0d\u540c\u7684\u89d2\u8272\u62e5\u6709\u4e0d\u540c\u7684\u6743\u9650\u3002\u9996\u5148\uff0c\u9700\u8981\u5b9a\u4e49\u597d\u7cfb\u7edf\u4e2d\u7684\u89d2\u8272\uff0c\u4f8b\u5982\uff1a\u7ba1\u7406\u5458\u3001\u666e\u901a\u7528\u6237\u3001\u8bbf\u5ba2\u7b49\u3002\u7136\u540e\u6839\u636e\u4e1a\u52a1\u9700\u6c42\uff0c\u4e3a\u8fd9\u4e9b\u89d2\u8272\u5206\u914d\u76f8\u5e94\u7684\u6743\u9650\u3002<\/p>\n<\/p>\n

\u89d2\u8272\u7ba1\u7406\u7684\u7b2c\u4e00\u6b65\u662f\u521b\u5efa\u4e00\u4e2a\u89d2\u8272\u5b9e\u4f53\u7c7b\uff0c\u5e76\u5728\u6570\u636e\u5e93\u4e2d\u4e3a\u5176\u521b\u5efa\u76f8\u5e94\u7684\u8868\u3002\u4f8b\u5982\uff1a<\/p>\n<\/p>\n

@Entity<\/p>\n
public class Role {<\/p>\n
    @Id<\/p>\n
    @GeneratedValue(strategy = GenerationType.IDENTITY)<\/p>\n
    private Long id;<\/p>\n
    private String name;<\/p>\n
    \/\/ getters and setters<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u63a5\u7740\uff0c\u901a\u8fc7Spring Data JPA\u4e3a\u5176\u521b\u5efa\u4e00\u4e2a\u4ed3\u5e93\u63a5\u53e3\uff1a<\/p>\n<\/p>\n
public interface RoleRepository extends JpaRepository<Role, Long> {<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u4e8c\u3001\u6743\u9650\u5206\u914d<\/p>\n<\/p>\n
\u5728\u5b9e\u9645\u5e94\u7528\u4e2d\uff0c\u6743\u9650\u662f\u5206\u914d\u7ed9\u7528\u6237\u7684\uff0c\u800c\u4e0d\u662f\u76f4\u63a5\u5206\u914d\u7ed9\u89d2\u8272\u3002\u56e0\u6b64\uff0c\u9700\u8981\u4e3a\u7528\u6237\u521b\u5efa\u4e00\u4e2a\u7528\u6237\u5b9e\u4f53\u7c7b\uff0c\u5e76\u5728\u5176\u4e2d\u5b9a\u4e49\u4e00\u4e2a\u89d2\u8272\u96c6\u5408\u3002<\/p>\n<\/p>\n
@Entity<\/p>\n
public class User {<\/p>\n
    @Id<\/p>\n
    @GeneratedValue(strategy = GenerationType.IDENTITY)<\/p>\n
    private Long id;<\/p>\n
    private String username;<\/p>\n
    private String password;<\/p>\n
    @ManyToMany(fetch = FetchType.EAGER)<\/p>\n
    @JoinTable(name = "user_roles",<\/p>\n
            joinColumns = @JoinColumn(name = "user_id"),<\/p>\n
            inverseJoinColumns = @JoinColumn(name = "role_id"))<\/p>\n
    private Set<Role> roles;<\/p>\n
    \/\/ getters and setters<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u540c\u6837\uff0c\u4e3a\u7528\u6237\u5b9e\u4f53\u7c7b\u521b\u5efa\u4e00\u4e2a\u4ed3\u5e93\u63a5\u53e3\uff1a<\/p>\n<\/p>\n
public interface UserRepository extends JpaRepository<User, Long> {<\/p>\n
    User findByUsername(String username);<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u4e09\u3001\u8bbf\u95ee\u63a7\u5236<\/p>\n<\/p>\n
\u8bbf\u95ee\u63a7\u5236\u662f\u6743\u9650\u7ba1\u7406\u7684\u6838\u5fc3\u90e8\u5206\uff0c\u901a\u8fc7\u8bbf\u95ee\u63a7\u5236\uff0c\u53ef\u4ee5\u9650\u5236\u7528\u6237\u5bf9\u7cfb\u7edf\u8d44\u6e90\u7684\u8bbf\u95ee\u3002\u5728Spring Security\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7\u914d\u7f6e\u7c7b\u6765\u5b9e\u73b0\u8bbf\u95ee\u63a7\u5236\u3002<\/p>\n<\/p>\n
\u9996\u5148\uff0c\u521b\u5efa\u4e00\u4e2aSpring Security\u914d\u7f6e\u7c7b\uff1a<\/p>\n<\/p>\n
@EnableWebSecurity<\/p>\n
public class SecurityConfig extends WebSecurityConfigurerAdapter {<\/p>\n
    @Autowired<\/p>\n
    private UserDetAI<\/a>lsService userDetailsService;<\/p>\n
    @Override<\/p>\n
    protected void configure(HttpSecurity http) throws Exception {<\/p>\n
        http<\/p>\n
            .authorizeRequests()<\/p>\n
                .antMatchers("\/admin\/").hasRole("ADMIN")<\/p>\n
                .antMatchers("\/user\/").hasAnyRole("USER", "ADMIN")<\/p>\n
                .antMatchers("\/", "\/home").permitAll()<\/p>\n
                .anyRequest().authenticated()<\/p>\n
                .and()<\/p>\n
            .formLogin()<\/p>\n
                .loginPage("\/login")<\/p>\n
                .permitAll()<\/p>\n
                .and()<\/p>\n
            .logout()<\/p>\n
                .permitAll();<\/p>\n
    }<\/p>\n
    @Autowired<\/p>\n
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {<\/p>\n
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());<\/p>\n
    }<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u5728\u8fd9\u4e2a\u914d\u7f6e\u7c7b\u4e2d\uff0c\u901a\u8fc7authorizeRequests()<\/code>\u65b9\u6cd5\u5b9a\u4e49\u4e86\u4e0d\u540c\u89d2\u8272\u5bf9\u4e0d\u540c\u8d44\u6e90\u7684\u8bbf\u95ee\u6743\u9650\u3002\u4f8b\u5982\uff0c\u53ea\u6709\u5177\u6709ADMIN<\/code>\u89d2\u8272\u7684\u7528\u6237\u53ef\u4ee5\u8bbf\u95ee\/admin\/<strong><\/code>\u8def\u5f84\u4e0b\u7684\u8d44\u6e90\uff0c\u5177\u6709USER<\/code>\u6216ADMIN<\/code>\u89d2\u8272\u7684\u7528\u6237\u53ef\u4ee5\u8bbf\u95ee\/user\/<\/strong><\/code>\u8def\u5f84\u4e0b\u7684\u8d44\u6e90\uff0c\u6240\u6709\u7528\u6237\u90fd\u53ef\u4ee5\u8bbf\u95ee\/<\/code>\u548c\/home<\/code>\u8def\u5f84\u4e0b\u7684\u8d44\u6e90\u3002<\/p>\n<\/p>\n
\u56db\u3001\u8ba4\u8bc1\u548c\u6388\u6743<\/p>\n<\/p>\n
\u8ba4\u8bc1\u662f\u9a8c\u8bc1\u7528\u6237\u8eab\u4efd\u7684\u8fc7\u7a0b\uff0c\u6388\u6743\u662f\u9a8c\u8bc1\u7528\u6237\u662f\u5426\u6709\u6743\u9650\u8bbf\u95ee\u67d0\u4e2a\u8d44\u6e90\u7684\u8fc7\u7a0b\u3002\u5728Spring Security\u4e2d\uff0c\u901a\u8fc7UserDetailsService<\/code>\u63a5\u53e3\u6765\u5b9e\u73b0\u7528\u6237\u7684\u8ba4\u8bc1\u548c\u6388\u6743\u3002<\/p>\n<\/p>\n
\u9996\u5148\uff0c\u521b\u5efa\u4e00\u4e2a\u7528\u6237\u8be6\u60c5\u670d\u52a1\u7c7b\uff0c\u5b9e\u73b0UserDetailsService<\/code>\u63a5\u53e3\uff1a<\/p>\n<\/p>\n
@Service<\/p>\n
public class CustomUserDetailsService implements UserDetailsService {<\/p>\n
    @Autowired<\/p>\n
    private UserRepository userRepository;<\/p>\n
    @Override<\/p>\n
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {<\/p>\n
        User user = userRepository.findByUsername(username);<\/p>\n
        if (user == null) {<\/p>\n
            throw new UsernameNotFoundException("User not found");<\/p>\n
        }<\/p>\n
        Set<GrantedAuthority> grantedAuthorities = new HashSet<>();<\/p>\n
        for (Role role : user.getRoles()) {<\/p>\n
            grantedAuthorities.add(new SimpleGrantedAuthority(role.getName()));<\/p>\n
        }<\/p>\n
        return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), grantedAuthorities);<\/p>\n
    }<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u5728\u8fd9\u4e2a\u7c7b\u4e2d\uff0c\u901a\u8fc7UserRepository<\/code>\u4ece\u6570\u636e\u5e93\u4e2d\u67e5\u627e\u7528\u6237\uff0c\u5e76\u5c06\u7528\u6237\u7684\u89d2\u8272\u8f6c\u6362\u4e3aSpring Security\u4e2d\u7684\u6743\u9650\u3002<\/p>\n<\/p>\n
\u4e94\u3001\u65e5\u5fd7\u5ba1\u8ba1<\/p>\n<\/p>\n
\u65e5\u5fd7\u5ba1\u8ba1\u662f\u6743\u9650\u7ba1\u7406\u7684\u91cd\u8981\u7ec4\u6210\u90e8\u5206\uff0c\u901a\u8fc7\u65e5\u5fd7\u5ba1\u8ba1\uff0c\u53ef\u4ee5\u8bb0\u5f55\u7528\u6237\u7684\u64cd\u4f5c\u884c\u4e3a\uff0c\u4fbf\u4e8e\u540e\u7eed\u7684\u5ba1\u8ba1\u548c\u5206\u6790\u3002\u5728Spring Security\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7\u4e8b\u4ef6\u76d1\u542c\u5668\u6765\u5b9e\u73b0\u65e5\u5fd7\u5ba1\u8ba1\u3002<\/p>\n<\/p>\n
\u9996\u5148\uff0c\u521b\u5efa\u4e00\u4e2a\u4e8b\u4ef6\u76d1\u542c\u5668\u7c7b\uff1a<\/p>\n<\/p>\n
@Component<\/p>\n
public class AuthenticationEventListener {<\/p>\n
    private static final Logger logger = LoggerFactory.getLogger(AuthenticationEventListener.class);<\/p>\n
    @EventListener<\/p>\n
    public void handleAuthenticationSuccessEvent(AuthenticationSuccessEvent event) {<\/p>\n
        String username = ((UserDetails) event.getAuthentication().getPrincipal()).getUsername();<\/p>\n
        logger.info("User {} logged in successfully", username);<\/p>\n
    }<\/p>\n
    @EventListener<\/p>\n
    public void handleAuthenticationFailureEvent(AuthenticationFailureBadCredentialsEvent event) {<\/p>\n
        String username = (String) event.getAuthentication().getPrincipal();<\/p>\n
        logger.warn("User {} failed to log in", username);<\/p>\n
    }<\/p>\n
}<\/p>\n
<\/code><\/pre>\n<\/p>\n
\u5728\u8fd9\u4e2a\u7c7b\u4e2d\uff0c\u901a\u8fc7@EventListener<\/code>\u6ce8\u89e3\u76d1\u542c\u8ba4\u8bc1\u6210\u529f\u548c\u8ba4\u8bc1\u5931\u8d25\u4e8b\u4ef6\uff0c\u5e76\u5c06\u4e8b\u4ef6\u4fe1\u606f\u8bb0\u5f55\u5230\u65e5\u5fd7\u4e2d\u3002<\/p>\n<\/p>\n
\u603b\u7ed3<\/p>\n<\/p>\n
\u5728Java\u9879\u76ee\u4e2d\u8fdb\u884c\u6743\u9650\u7ba1\u7406\uff0c\u53ef\u4ee5\u901a\u8fc7\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u5206\u914d\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u8ba4\u8bc1\u548c\u6388\u6743\u3001\u65e5\u5fd7\u5ba1\u8ba1\u7b49\u65b9\u5f0f\u6765\u5b9e\u73b0\u3002\u901a\u8fc7Spring Security\uff0c\u53ef\u4ee5\u65b9\u4fbf\u5730\u5b9e\u73b0\u8fd9\u4e9b\u529f\u80fd\uff0c\u4fdd\u8bc1\u7cfb\u7edf\u7684\u5b89\u5168\u6027\u3002\u5e0c\u671b\u8fd9\u7bc7\u6587\u7ae0\u5bf9\u4f60\u6709\u6240\u5e2e\u52a9\u3002<\/p>\n<\/p>\n
\u76f8\u5173\u95ee\u7b54FAQs\uff1a<\/strong><\/h2>\n
 \u5982\u4f55\u5728Java\u9879\u76ee\u4e2d\u5b9e\u73b0\u7528\u6237\u6743\u9650\u7ba1\u7406\uff1f<\/strong>
\u5728Java\u9879\u76ee\u4e2d\uff0c\u5b9e\u73b0\u7528\u6237\u6743\u9650\u7ba1\u7406\u901a\u5e38\u9700\u8981\u7ed3\u5408Spring Security\u7b49\u6846\u67b6\u3002\u9996\u5148\uff0c\u9700\u8981\u5b9a\u4e49\u7528\u6237\u89d2\u8272\u548c\u6743\u9650\uff0c\u5e76\u521b\u5efa\u76f8\u5e94\u7684\u6570\u636e\u5e93\u8868\u6765\u5b58\u50a8\u8fd9\u4e9b\u4fe1\u606f\u3002\u63a5\u7740\uff0c\u5229\u7528Spring Security\u63d0\u4f9b\u7684\u529f\u80fd\u6765\u914d\u7f6e\u5b89\u5168\u6027\uff0c\u5305\u62ec\u8ba4\u8bc1\uff08\u5982\u7528\u6237\u540d\u548c\u5bc6\u7801\uff09\u548c\u6388\u6743\uff08\u8bbf\u95ee\u7279\u5b9a\u8d44\u6e90\u7684\u6743\u9650\uff09\u3002\u6b64\u5916\uff0c\u53ef\u4ee5\u4f7f\u7528\u6ce8\u89e3\u6765\u63a7\u5236\u65b9\u6cd5\u7ea7\u522b\u7684\u6743\u9650\uff0c\u786e\u4fdd\u53ea\u6709\u5408\u9002\u7684\u7528\u6237\u624d\u80fd\u8bbf\u95ee\u76f8\u5e94\u529f\u80fd\u3002<\/p>\n
\u5728Java\u9879\u76ee\u4e2d\uff0c\u5982\u4f55\u8bbe\u8ba1\u6743\u9650\u6a21\u578b\uff1f<\/strong>
\u8bbe\u8ba1\u6743\u9650\u6a21\u578b\u65f6\uff0c\u5efa\u8bae\u91c7\u7528\u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236\uff08RBAC\uff09\u7b56\u7565\u3002\u5148\u8bc6\u522b\u7cfb\u7edf\u4e2d\u7684\u4e0d\u540c\u89d2\u8272\uff0c\u4f8b\u5982\u7ba1\u7406\u5458\u3001\u666e\u901a\u7528\u6237\u548c\u8bbf\u5ba2\u7b49\u3002\u63a5\u4e0b\u6765\uff0c\u4e3a\u6bcf\u4e2a\u89d2\u8272\u5206\u914d\u7279\u5b9a\u7684\u6743\u9650\uff0c\u6bd4\u5982\u521b\u5efa\u3001\u8bfb\u53d6\u3001\u66f4\u65b0\u548c\u5220\u9664\uff08CRUD\uff09\u64cd\u4f5c\u3002\u6784\u5efa\u7075\u6d3b\u7684\u6743\u9650\u4f53\u7cfb\uff0c\u53ef\u4ee5\u901a\u8fc7\u6570\u636e\u5e93\u8868\u6765\u52a8\u6001\u7ba1\u7406\u89d2\u8272\u4e0e\u6743\u9650\u7684\u5173\u7cfb\uff0c\u786e\u4fdd\u7cfb\u7edf\u7684\u53ef\u6269\u5c55\u6027\u548c\u6613\u4e8e\u7ef4\u62a4\u3002<\/p>\n
\u5982\u4f55\u786e\u4fdd\u6743\u9650\u7ba1\u7406\u7684\u5b89\u5168\u6027\uff1f<\/strong>
\u786e\u4fdd\u6743\u9650\u7ba1\u7406\u7684\u5b89\u5168\u6027\u9700\u8981\u591a\u65b9\u9762\u7684\u63aa\u65bd\u3002\u9996\u5148\uff0c\u4f7f\u7528\u52a0\u5bc6\u6280\u672f\u5b58\u50a8\u7528\u6237\u5bc6\u7801\uff0c\u9632\u6b62\u654f\u611f\u4fe1\u606f\u6cc4\u9732\u3002\u5176\u6b21\uff0c\u5b9a\u671f\u5ba1\u8ba1\u6743\u9650\u8bbe\u7f6e\uff0c\u786e\u4fdd\u7528\u6237\u4ec5\u80fd\u8bbf\u95ee\u5fc5\u8981\u7684\u8d44\u6e90\u3002\u6b64\u5916\uff0c\u5b9e\u65bd\u6700\u5c0f\u6743\u9650\u539f\u5219\uff0c\u786e\u4fdd\u7528\u6237\u53ea\u88ab\u6388\u4e88\u5b8c\u6210\u5de5\u4f5c\u6240\u9700\u7684\u6700\u4f4e\u6743\u9650\u3002\u901a\u8fc7\u65e5\u5fd7\u8bb0\u5f55\u7528\u6237\u8bbf\u95ee\u884c\u4e3a\uff0c\u4e5f\u80fd\u53ca\u65f6\u53d1\u73b0\u5f02\u5e38\u6d3b\u52a8\uff0c\u4ece\u800c\u589e\u5f3a\u7cfb\u7edf\u7684\u5b89\u5168\u6027\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"\u5728Java\u9879\u76ee\u4e2d\u8fdb\u884c\u6743\u9650\u7ba1\u7406\u53ef\u4ee5\u901a\u8fc7\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u5206\u914d\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u8ba4\u8bc1\u548c\u6388\u6743\u3001\u65e5\u5fd7\u5ba1\u8ba1\u7b49\u65b9\u5f0f\u6765\u5b9e\u73b0\u3002\u4e0b\u9762\u6211\u5c06\u8be6 […]","protected":false},"author":3,"featured_media":1214668,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[37],"tags":[],"acf":[],"_links":{"self":[{"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/posts\/1214665"}],"collection":[{"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/comments?post=1214665"}],"version-history":[{"count":"1","href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/posts\/1214665\/revisions"}],"predecessor-version":[{"id":1214669,"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/posts\/1214665\/revisions\/1214669"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/media\/1214668"}],"wp:attachment":[{"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/media?parent=1214665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/categories?post=1214665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/docs.pingcode.com\/wp-json\/wp\/v2\/tags?post=1214665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}