设置登录成功返回json创建一个类并且实现AuthenticationSuccessHandler接口,
import com.example.springsecuritystudy3.vo.HttpResult;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @description: 只要认证成功那么久返回json
* @author 长白崎
* @date 2023/7/17 5:11
* @version 1.0
*/
@Slf4j
@Component
public class AppAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Resource
private ObjectMapper objectMapper;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
HttpResult httpResult = HttpResult.builder()
.code(1)
.msg("登录成功")
.build();
String responseJson = objectMapper.writeValueAsString(httpResult);
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.println(responseJson);
writer.flush();
}
}
实现接口之后只需要Security配置类当中配置好即可。
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import javax.annotation.Resource;
@Configuration
@Slf4j
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
AppAuthenticationSuccessHandler appAuthenticationSuccessHandler;
@Resource
AppAuthenticationFailureHandler appAuthenticationFailureHandler;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated();
//设置登录成功处理器
http.formLogin()
.successHandler(appAuthenticationSuccessHandler) //配置登录成功事件
.failureHandler(appAuthenticationFailureHandler) //配置登录失败事件
.permitAll();
}
}
设置退出登录成功返回json创建一个类并且实现LogoutSuccessHandler接口,
import com.example.springsecuritystudy3.vo.HttpResult;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @description: 退出登录成功
* @author 长白崎
* @date 2023/7/17 5:41
* @version 1.0
*/
@Component
public class AppLogoutSuccessHandler implements LogoutSuccessHandler {
@Resource
ObjectMapper objectMapper;
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
HttpResult httpResult = HttpResult.builder()
.code(0)
.msg("退出登录成功")
.build();
String json = objectMapper.writeValueAsString(httpResult);
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json;charset=utf-8");
PrintWriter printWriter = response.getWriter();
printWriter.println(json);
printWriter.flush();
}
}
设置登录失败返回json创建一个类并且实现AuthenticationSuccessHandler接口,
import com.example.springsecuritystudy3.vo.HttpResult;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@Slf4j
@Component
public class AppAuthenticationFailureHandler implements AuthenticationFailureHandler {
@Resource
ObjectMapper objectMapper;
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
HttpResult httpResult = HttpResult.builder()
.code(0)
.msg("登录失败")
.build();
String json = objectMapper.writeValueAsString(httpResult);
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json;charset=utf-8");
PrintWriter printWriter = response.getWriter();
printWriter.println(json);
printWriter.flush();
}
}
设置访问拒绝返回json创建一个类并且实现AuthenticationSuccessHandler接口,
import com.example.springsecuritystudy3.vo.HttpResult;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @description: 访问拒绝处理
* @author 长白崎
* @date 2023/7/17 5:40
* @version 1.0
*/
@Component
public class AppAccessDenyHandler implements AccessDeniedHandler {
@Resource
ObjectMapper objectMapper;
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
HttpResult httpResult = HttpResult.builder()
.code(2)
.msg("您没有权限访问")
.build();
String json = objectMapper.writeValueAsString(httpResult);
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json;charset=utf-8");
PrintWriter printWriter = response.getWriter();
printWriter.println(json);
printWriter.flush();
}
}
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import javax.annotation.Resource;
@Configuration
@Slf4j
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
AppAuthenticationSuccessHandler appAuthenticationSuccessHandler;
@Resource
AppAuthenticationFailureHandler appAuthenticationFailureHandler;
@Resource
AppLogoutSuccessHandler appLogoutSuccessHandler;
@Resource
AppAccessDenyHandler appAccessDenyHandler;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated();
//设置登录成功处理器
http.formLogin()
.successHandler(appAuthenticationSuccessHandler) //配置登录成功处理器
.failureHandler(appAuthenticationFailureHandler) //配置登录失败处理器
.permitAll();
http.logout().logoutSuccessHandler(appLogoutSuccessHandler); //配置退出成功处理器
http.exceptionHandling().accessDeniedHandler(appAccessDenyHandler); //配置访问拒绝处理器
}
}