目标

1.Token鉴权

2.Restful API

3.Spring Security+JWT

开始

自行新建Spring Boot工程

引入相关依赖

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-security</artifactId>

    <version>1.5.9.RELEASE</version>

</dependency>

<dependency>

    <groupId>io.jsonwebtoken</groupId>

    <artifactId>jjwt</artifactId>

    <version>0.9.0</version>

</dependency>

User类

非常简单的用户模型,将权限集成到了用户类中。

pacage com.domain
/**

 * 用户模型

 *

 * @author hackyo

 * Created on 2017/12/3 11:53.

 */

public class User {

    private String id;

    private String username;

    private String password;

    private List<String> roles;

    ......

    省略get、set方法

    ......

}

IUserRepository类

需实现对用户表的增删改查,此处可采用任意数据库,具体实现自行编写。

package com.dao
/**

 * 用户表操作接口

 *

 * @author hackyo

 * Created on 2017/12/3 11:53.

 */

@Component

public interface IUserRepository{

    /**

     * 通过用户名查找用户

     *

     * @param username 用户名

     * @return 用户信息

     */

    User findByUsername(String username);

}

JwtUser类

安全模块的用户模型

package com.security;

import com.fasterxml.jackson.annotation.JsonIgnore;

import org.springframework.security.core.GrantedAuthority;

import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;

/**

 * 安全用户模型

 *

 * @author hackyo

 * Created on 2017/12/8 9:20.

 */

public class JwtUser implements UserDetails {

    private String username;

    private String password;

    private Collection<? extends GrantedAuthority> authorities;

    JwtUser(String username, String password, Collection<? extends GrantedAuthority> authorities) {

        this.username = username;

        this.password = password;

        this.authorities = authorities;

    }

    @Override

    public String getUsername() {

        return username;

    }

    @JsonIgnore

    @Override

    public String getPassword() {

        return password;

    }

    @Override

    public Collection<? extends GrantedAuthority> getAuthorities() {

        return authorities;

    }

    @JsonIgnore

    @Override

    public boolean isAccountNonExpired() {

        return true;

    }

    @JsonIgnore

    @Override

    public boolean isAccountNonLocked() {

        return true;

    }

    @JsonIgnore

    @Override

    public boolean isCredentialsNonExpired() {

        return true;

    }

    @JsonIgnore

    @Override

    public boolean isEnabled() {

        return true;

    }

}

JwtTokenUtil类

Token工具类

这里设置了密钥为aaaaaaaa,有效期为2592000秒

package com.security;

import io.jsonwebtoken.Claims;

import io.jsonwebtoken.Jwts;

import io.jsonwebtoken.SignatureAlgorithm;

import org.springframework.security.core.userdetails.UserDetails;

import org.springframework.stereotype.Component;

import java.io.Serializable;

import java.util.Date;

import java.util.HashMap;

import java.util.Map;

/**

 * JWT工具类

 *

 * @author hackyo

 * Created on 2017/12/8 9:20.

 */

@Component

public class JwtTokenUtil implements Serializable {

    /**

     * 密钥

     */

    private final String secret = "aaaaaaaa";

    /**

     * 从数据声明生成令牌

     *

     * @param claims 数据声明

     * @return 令牌

     */

    private String generateToken(Map<String, Object> claims) {

        Date expirationDate = new Date(System.currentTimeMillis() + 2592000L * 1000);

        return Jwts.builder().setClaims(claims).setExpiration(expirationDate).signWith(SignatureAlgorithm.HS512, secret).compact();

    }

    /**

     * 从令牌中获取数据声明

     *

     * @param token 令牌

     * @return 数据声明

     */

    private Claims getClaimsFromToken(String token) {

        Claims claims;

        try {

            claims = Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();

        } catch (Exception e) {

            claims = null;

        }

        return claims;

    }

    /**

     * 生成令牌

     *

     * @param userDetails 用户

     * @return 令牌

     */

    public String generateToken(UserDetails userDetails) {

        Map<String, Object> claims = new HashMap<>(2);

        claims.put("sub", userDetails.getUsername());

        claims.put("created", new Date());

        return generateToken(claims);

    }

    /**

     * 从令牌中获取用户名

     *

     * @param token 令牌

     * @return 用户名

     */

    public String getUsernameFromToken(String token) {

        String username;

        try {

            Claims claims = getClaimsFromToken(token);

            username = claims.getSubject();

        } catch (Exception e) {

            username = null;

        }

        return username;

    }

    /**

     * 判断令牌是否过期

     *

     * @param token 令牌

     * @return 是否过期

     */

    public Boolean isTokenExpired(String token) {

        try {

            Claims claims = getClaimsFromToken(token);

            Date expiration = claims.getExpiration();

            return expiration.before(new Date());

        } catch (Exception e) {

            return false;

        }

    }

    /**

     * 刷新令牌

     *

     * @param token 原令牌

     * @return 新令牌

     */

    public String refreshToken(String token) {

        String refreshedToken;

        try {

            Claims claims = getClaimsFromToken(token);

            claims.put("created", new Date());

            refreshedToken = generateToken(claims);

        } catch (Exception e) {

            refreshedToken = null;

        }

        return refreshedToken;

    }

    /**

     * 验证令牌

     *

     * @param token       令牌

     * @param userDetails 用户

     * @return 是否有效

     */

    public Boolean validateToken(String token, UserDetails userDetails) {

        JwtUser user = (JwtUser) userDetails;

        String username = getUsernameFromToken(token);

        return (username.equals(user.getUsername()) && !isTokenExpired(token));

    }

}

JwtUserDetailsServiceImpl类

用户验证方法类

package com.security;

import com.safepass.dao.IUserRepository;

import com.safepass.domain.User;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.security.core.authority.SimpleGrantedAuthority;

import org.springframework.security.core.userdetails.UserDetails;

import org.springframework.security.core.userdetails.UserDetailsService;

import org.springframework.security.core.userdetails.UsernameNotFoundException;

import org.springframework.stereotype.Service;

import java.util.stream.Collectors;

/**

 * 用户验证方法

 *

 * @author hackyo

 * Created on 2017/12/8 9:18.

 */

@Service

public class JwtUserDetailsServiceImpl implements UserDetailsService {

    private IUserRepository userRepository;

    @Autowired

    public JwtUserDetailsServiceImpl(IUserRepository userRepository) {

        this.userRepository = userRepository;

    }

    @Override

    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        User user = userRepository.findByUsername(username);

        if (user == null) {

            throw new UsernameNotFoundException(String.format("No user found with username '%s'.", username));

        } else {

            return new JwtUser(user.getUsername(), user.getPassword(), user.getRoles().stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList()));

        }

    }

}

JwtAuthenticationTokenFilter类

Token过滤器实现

package com.security;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;

import org.springframework.security.core.context.SecurityContextHolder;

import org.springframework.security.core.userdetails.UserDetails;

import org.springframework.security.core.userdetails.UserDetailsService;

import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;

import org.springframework.stereotype.Component;

import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

/**

 * Token过滤器

 *

 * @author hackyo

 * Created on 2017/12/8 9:28.

 */

@Component

public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {

    private UserDetailsService userDetailsService;

    private JwtTokenUtil jwtTokenUtil;

    @Autowired

    public JwtAuthenticationTokenFilter(UserDetailsService userDetailsService, JwtTokenUtil jwtTokenUtil) {

        this.userDetailsService = userDetailsService;

        this.jwtTokenUtil = jwtTokenUtil;

    }

    @Override

    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {

        String authHeader = request.getHeader("Authorization");

        String tokenHead = "Bearer ";

        if (authHeader != null && authHeader.startsWith(tokenHead)) {

            String authToken = authHeader.substring(tokenHead.length());

            String username = jwtTokenUtil.getUsernameFromToken(authToken);

            if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {

                UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);

                if (jwtTokenUtil.validateToken(authToken, userDetails)) {

                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());

                    authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

                    SecurityContextHolder.getContext().setAuthentication(authentication);

                }

            }

        }

        chain.doFilter(request, response);

    }

}

EntryPointUnauthorizedHandler类

自定义了身份验证失败的返回值

package com.security;

import org.springframework.security.core.AuthenticationException;

import org.springframework.security.web.AuthenticationEntryPoint;

import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

/**

 * 自定401返回值

 *

 * @author hackyo

 * Created on 2017/12/9 20:10.

 */

@Component

public class EntryPointUnauthorizedHandler implements AuthenticationEntryPoint {

    @Override

    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) {

        response.setHeader("Access-Control-Allow-Origin", "*");

        response.setStatus(401);

    }

}

RestAccessDeniedHandler类

自定了权限不足的返回值

package com.security;

import org.springframework.security.access.AccessDeniedException;

import org.springframework.security.web.access.AccessDeniedHandler;

import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

/**

 * 自定403返回值

 *

 * @author hackyo

 * Created on 2017/12/9 20:10.

 */

@Component

public class RestAccessDeniedHandler implements AccessDeniedHandler {

    @Override

    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) {

        response.setHeader("Access-Control-Allow-Origin", "*");

        response.setStatus(403);

    }

}

WebSecurityConfig类

安全配置类

这里设置了禁止访问所有地址,除了用于验证身份的/user/**地址

同时密码的加密方式为BCrypt

package com.security;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.context.annotation.Configuration;

import org.springframework.http.HttpMethod;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.config.http.SessionCreationPolicy;

import org.springframework.security.core.userdetails.UserDetailsService;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**

 * 安全模块配置

 *

 * @author hackyo

 * Created on 2017/12/8 9:15.

 */

@Configuration

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true)

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private UserDetailsService userDetailsService;

    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

    private EntryPointUnauthorizedHandler entryPointUnauthorizedHandler;

    private RestAccessDeniedHandler restAccessDeniedHandler;

    private PasswordEncoder passwordEncoder;

    @Autowired

    public WebSecurityConfig(UserDetailsService userDetailsService, JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter, EntryPointUnauthorizedHandler entryPointUnauthorizedHandler, RestAccessDeniedHandler restAccessDeniedHandler) {

        this.userDetailsService = userDetailsService;

        this.jwtAuthenticationTokenFilter = jwtAuthenticationTokenFilter;

        this.entryPointUnauthorizedHandler = entryPointUnauthorizedHandler;

        this.restAccessDeniedHandler = restAccessDeniedHandler;

        this.passwordEncoder = new BCryptPasswordEncoder();

    }

    @Autowired

    public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {

        authenticationManagerBuilder.userDetailsService(this.userDetailsService).passwordEncoder(passwordEncoder);

    }

    @Override

    protected void configure(HttpSecurity httpSecurity) throws Exception {

        httpSecurity.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)

                .and().authorizeRequests()

                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()

                .antMatchers("/user/**").permitAll()

                .anyRequest().authenticated()

                .and().headers().cacheControl();

        httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);

        httpSecurity.exceptionHandling().authenticationEntryPoint(entryPointUnauthorizedHandler).accessDeniedHandler(restAccessDeniedHandler);

    }

}

IUserService类

定义用户的基本操作

package com.service;

import com.domain.User;

/**

 * 用户操作接口

 *

 * @author hackyo

 * Created on 2017/12/3 11:53.

 */

public interface IUserService {

    /**

     * 用户登录

     *

     * @param username 用户名

     * @param password 密码

     * @return 操作结果

     */

    String login(String username, String password);

    /**

     * 用户注册

     *

     * @param user 用户信息

     * @return 操作结果

     */

    String register(User user);

    /**

     * 刷新密钥

     *

     * @param oldToken 原密钥

     * @return 新密钥

     */

    String refreshToken(String oldToken);

}

UserServiceImpl类

IUserService的实现类,注册时会将用户权限设置为ROLE_USER,同时将密码使用BCrypt加密

package com.service.impl;

import com.dao.IUserRepository;

import com.domain.User;

import com.security.JwtTokenUtil;

import com.service.IUserService;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;

import org.springframework.security.core.Authentication;

import org.springframework.security.core.context.SecurityContextHolder;

import org.springframework.security.core.userdetails.UserDetails;

import org.springframework.security.core.userdetails.UserDetailsService;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.stereotype.Service;

import java.util.ArrayList;

import java.util.List;

/**

 * 用户操作接口实现

 *

 * @author hackyo

 * Created on 2017/12/3 11:53.

 */

@Service

public class UserServiceImpl implements IUserService {

    private AuthenticationManager authenticationManager;

    private UserDetailsService userDetailsService;

    private JwtTokenUtil jwtTokenUtil;

    private IUserRepository userRepository;

    @Autowired

    public UserServiceImpl(AuthenticationManager authenticationManager, UserDetailsService userDetailsService, JwtTokenUtil jwtTokenUtil, IUserRepository userRepository) {

        this.authenticationManager = authenticationManager;

        this.userDetailsService = userDetailsService;

        this.jwtTokenUtil = jwtTokenUtil;

        this.userRepository = userRepository;

    }

    @Override

    public String login(String username, String password) {

        UsernamePasswordAuthenticationToken upToken = new UsernamePasswordAuthenticationToken(username, password);

        Authentication authentication = authenticationManager.authenticate(upToken);

        SecurityContextHolder.getContext().setAuthentication(authentication);

        UserDetails userDetails = userDetailsService.loadUserByUsername(username);

        return jwtTokenUtil.generateToken(userDetails);

    }

    @Override

    public String register(User user) {

        String username = user.getUsername();

        if (userRepository.findByUsername(username) != null) {

            return "用户已存在";

        }

        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();

        String rawPassword = user.getPassword();

        user.setPassword(encoder.encode(rawPassword));

        List<String> roles = new ArrayList<>();

        roles.add("ROLE_USER");

        user.setRoles(roles);

        userRepository.insert(user);

        return "success";

    }

    @Override

    public String refreshToken(String oldToken) {

        String token = oldToken.substring("Bearer ".length());

        if (!jwtTokenUtil.isTokenExpired(token)) {

            return jwtTokenUtil.refreshToken(token);

        }

        return "error";

    }

}

UserController类

控制器,控制访问

package com.controller;

import com.domain.User;

import com.service.IUserService;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.security.core.AuthenticationException;

import org.springframework.web.bind.annotation.*;

/**

 * 用户管理Controller

 *

 * @author hackyo

 * Created on 2017/12/3 11:53.

 */

@CrossOrigin

@RestController

@RequestMapping(value = "/user", produces = "text/html;charset=UTF-8")

public class UserController {

    private IUserService userService;

    @Autowired

    public UserController(IUserService userService) {

        this.userService = userService;

    }

    /**

     * 用户登录

     *

     * @param username 用户名

     * @param password 密码

     * @return 操作结果

     * @throws AuthenticationException 错误信息

     */

    @PostMapping(value = "/login", params = {"username", "password"})

    public String getToken(String username, String password) throws AuthenticationException {

        return userService.login(username, password);

    }

    /**

     * 用户注册

     *

     * @param user          用户信息

     * @return 操作结果

     * @throws AuthenticationException 错误信息

     */

    @PostMapping(value = "/register")

    public String register(User user) throws AuthenticationException {

        return userService.register(user);

    }

    /**

     * 刷新密钥

     *

     * @param authorization 原密钥

     * @return 新密钥

     * @throws AuthenticationException 错误信息

     */

    @GetMapping(value = "/refreshToken")

    public String refreshToken(@RequestHeader String authorization) throws AuthenticationException {

        return userService.refreshToken(authorization);

    }

}

 

使用

只需要在方法或类上加注解即可实现账号控制

例如,我们想控制该方法只允许用户本人使用,#号表示方法的参数,可以在参数中加上@P('name')来指定名称,同时也可直接使用模型,如user.username等

总之,其中可以写入任何Spring EL

@PreAuthorize("#username == authentication.name")

    @GetMapping(value = "/getInfo")

    public String getInfo(String username) {

        return JSON.toJSONString(userService.getInfo(username));

    }

另外也可以自定义控制注解,使用@PostFilter注解,并实现hasPermission类即可,同时需要在WebSecurityConfigurerAdapter中开启。

测试

运行程序后,我们使用Postman进行测试

1.注册

URL:http://localhost:8080/user/register

参数:username、password

返回success即为成功

 2.登录

URL:http://localhost:8080/user/login

参数:username、password

可以看到服务器将我们的Token返回了

 3.刷新Token

URL(GET方法):http://localhost:8080/user/refreshToken

参数:在Header中加入登录时返回的Token,注意,需要在Token前加上“Bearer ”,最后有个空格

Authorization:Bearer eyJhbGciOiJIUzUxMiJ9.eyJleHAiOjE1MTMzMTE1NjMsInN1YiI6IjEyMyIsImNyZWF0ZWQiOjE1MTI3MDY3NjM3NjB9.baiY8QcbJgq4FQMC2piN1smbW57WjDDTiRVIL9hJeC_DcPgcyJweWqkS6g7825mPKFlByuUx7XN8nUOIszDVcw

可以看到服务器给我们返回了新的Token,如果我们不加上Token的话,将无法访问

参考:

  http://www.jianshu.com/p/6307c89fe3fa

  http://www.jianshu.com/p/4468a2fff879

本文转载自

原文作者:Hackyo

原文链接:https://www.cnblogs.com/hackyo/p/8004928.html

Spring Security和JWT实现登录授权认证的更多相关文章

  1. spring boot:spring security整合jwt实现登录和权限验证(spring boot 2.3.3)

    一,为什么使用jwt? 1,什么是jwt? Json Web Token, 它是JSON风格的轻量级的授权和身份认证规范, 可以实现无状态.分布式的Web应用授权 2,jwt的官网: https:// ...

  2. Spring Boot使用Shiro实现登录授权认证

    1.Shiro是Apache下的一个开源项目,我们称之为Apache Shiro.它是一个很易用与Java项目的的安全框架,提供了认证.授权.加密.会话管理,与spring Security 一样都是 ...

  3. 【Spring Cloud & Alibaba 实战 | 总结篇】Spring Cloud Gateway + Spring Security OAuth2 + JWT 实现微服务统一认证授权和鉴权

    一. 前言 hi,大家好~ 好久没更文了,期间主要致力于项目的功能升级和问题修复中,经过一年时间的打磨,[有来]终于迎来v2.0版本,相较于v1.x版本主要完善了OAuth2认证授权.鉴权的逻辑,结合 ...

  4. 用Spring Security, JWT, Vue实现一个前后端分离无状态认证Demo

    简介 完整代码 https://github.com/PuZhiweizuishuai/SpringSecurity-JWT-Vue-Deom 运行展示 后端 主要展示 Spring Security ...

  5. Spring Security整合JWT,实现单点登录,So Easy~!

    前面整理过一篇 SpringBoot Security前后端分离,登录退出等返回json数据,也就是用Spring Security,基于SpringBoot2.1.4 RELEASE前后端分离的情况 ...

  6. Springboot集成Spring Security实现JWT认证

    我最新最全的文章都在南瓜慢说 www.pkslow.com,欢迎大家来喝茶! 1 简介 Spring Security作为成熟且强大的安全框架,得到许多大厂的青睐.而作为前后端分离的SSO方案,JWT ...

  7. Springboot WebFlux集成Spring Security实现JWT认证

    我最新最全的文章都在南瓜慢说 www.pkslow.com,欢迎大家来喝茶! 1 简介 在之前的文章<Springboot集成Spring Security实现JWT认证>讲解了如何在传统 ...

  8. Spring Security OAuth2 SSO 单点登录

    基于 Spring Security OAuth2 SSO 单点登录系统 SSO简介 单点登录(英语:Single sign-on,缩写为 SSO),又译为单一签入,一种对于许多相互关连,但是又是各自 ...

  9. Spring Security + OAuth2 + JWT 基本使用

    Spring Security + OAuth2 + JWT 基本使用 前面学习了 Spring Security 入门,现在搭配 oauth2 + JWT 进行测试. 1.什么是 OAuth2 OA ...

随机推荐

  1. java的静态内部类

    只是一个简单的记录.因为一直排斥java这个东西.java跟c++比是很不错的一个语言,至少内存管理这么麻烦的东西不用操心了.但是和不断崛起的脚本语言比起来,效率差的太多.无论如何做android还是 ...

  2. (01背包 先排序)Proud Merchants (hdu 3466)

    http://acm.hdu.edu.cn/showproblem.php?pid=3466   Description Recently, iSea went to an ancient count ...

  3. POJ3723--Conscription(MST)WRONG

    Description Windy has a country, and he wants to build an army to protect his country. He has picked ...

  4. HDU3488 Tour

    Tour Time Limit: 3000/1000 MS (Java/Others)    Memory Limit: 65535/65535 K (Java/Others) Total Submi ...

  5. Delphi中Unicode转中文

    function UnicodeToChinese(inputstr: string): string; var i: Integer; index: Integer; temp, top, last ...

  6. ServiceStack NetCoreAppSettings 配置文件读取和设置

    假设Node和npm已经安装 npm install -g @servicestack/cli 执行命令dotnet-new selfhost SSHost 这样就创建了ServiceStack的控制 ...

  7. [译] 玩转ptrace (一)

    [本文翻译自这里: http://www.linuxjournal.com/article/6100?page=0,0,作者:Pradeep Padaia] 你是否曾经想过怎样才能拦截系统调用?你是否 ...

  8. HttpURLConnection与HttpClient随笔

    目前在工作中遇到的需要各种对接接口的工作,需要用到HTTP的知识,工作完成后想要做一些笔记,本来知识打算把自己写的代码粘贴上来就好了,但是偶然发现一篇博文对这些知识的总结非常到位,自认无法写的这么好, ...

  9. CE+X64dbg外挂制作教程 [提高篇]

    人造指针&基址 实验目标:通过向游戏注入一段特殊汇编代码,实现自动获取动态地址.省略找基址的麻烦 为什么会出现人造指针 ? 1.基址偏移层数太多,很难找 2.有些游戏根本找不到基址 人造指针有 ...

  10. 使用solr crud 的三种方式(了该)

    1.solrJ       实际是http 请/响 2.spring data solr 实际是对官方类库(solrJ)的封装 3.使用httpClient 手动请求