SpringSecurity授权、认证

引入依赖

<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency><groupId>org.thymeleaf.extras</groupId><artifactId>thymeleaf-extras-springsecurity5</artifactId><version>3.0.4.RELEASE</version>
</dependency>

配置类SecurityConfig

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {//授权@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/fail").permitAll().antMatchers("/level1/**").hasRole("vip1").antMatchers("/level2/**").hasRole("vip2").antMatchers("/level3/**").hasRole("vip3");http.formLogin().defaultSuccessUrl("/index")  //登录认证成功后默认转跳的路径.failureForwardUrl("/fail");//http.formLogin().usernameParameter("username").passwordParameter("password").loginPage("/toLogin").loginProcessingUrl("/login"); //.loginPage定制登录跳转页//http.logout().deleteCookies("remove").invalidateHttpSession(true);http.csrf().disable(); //关闭csrf功能http.logout().logoutSuccessUrl("/"); //开启注销功能，注销成功跳转到首页http.rememberMe().rememberMeParameter("remember"); //开启记住我功能}//认证@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder()).withUser("ls").password(new BCryptPasswordEncoder().encode("123456")).roles("vip2", "vip3").and().withUser("root").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1", "vip2", "vip3").and().withUser("guest").password(new BCryptPasswordEncoder().encode("123456")).roles("vip1", "vip2");}
}

index.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org"xmlns:sec="http://www.thymeleaf.org/extras/spring-security"><head><meta charset&