带有注释 SQL 数据源的基本弹簧安全性

@Configuration
public class AppSecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
DataSource dataSource;

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth)
        throws Exception {       
     auth.jdbcAuthentication().dataSource(dataSource)
    .passwordEncoder(new BCryptPasswordEncoder())
    .usersByUsernameQuery("select username,password, enabled from users where username=?")
    .authoritiesByUsernameQuery("select username, role from user_roles where username=?");

}
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable();
    http.authorizeRequests().antMatchers(".resources/**", "/public/**")
            .permitAll().anyRequest().authenticated().and().formLogin()
            .loginPage("/login").permitAll().and().logout().permitAll();

    }

}