//package com.mes.config;
|
//
|
//
|
//import com.mes.filter.TokenAuthFilter;
|
//import com.mes.filter.TokenLoginFilter;
|
//import com.mes.security.DefaultPasswordEncoder;
|
//import com.mes.security.TokenLogoutHandler;
|
//import com.mes.security.TokenManager;
|
//import com.mes.security.UnauthEntryPoint;
|
//import org.springframework.beans.factory.annotation.Autowired;
|
//import org.springframework.context.annotation.Configuration;
|
//import org.springframework.data.redis.core.RedisTemplate;
|
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
//import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
//import org.springframework.security.core.userdetails.UserDetailsService;
|
//
|
//@Configuration
|
//@EnableWebSecurity
|
//@EnableGlobalMethodSecurity(prePostEnabled = true)
|
//public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {
|
//
|
// private TokenManager tokenManager;
|
// private RedisTemplate redisTemplate;
|
// private DefaultPasswordEncoder defaultPasswordEncoder;
|
// private UserDetailsService userDetailsService;
|
//
|
// @Autowired
|
// public TokenWebSecurityConfig(UserDetailsService userDetailsService, DefaultPasswordEncoder defaultPasswordEncoder,
|
// TokenManager tokenManager, RedisTemplate redisTemplate) {
|
// this.userDetailsService = userDetailsService;
|
// this.defaultPasswordEncoder = defaultPasswordEncoder;
|
// this.tokenManager = tokenManager;
|
// this.redisTemplate = redisTemplate;
|
// }
|
//
|
// /**
|
// * 配置设置
|
// * @param http
|
// * @throws Exception
|
// */
|
// //设置退出的地址和token,redis操作地址
|
// @Override
|
// protected void configure(HttpSecurity http) throws Exception {
|
// http.exceptionHandling()
|
// .authenticationEntryPoint(new UnauthEntryPoint())//没有权限访问
|
// .and().csrf().disable()
|
// .authorizeRequests()
|
// .anyRequest().authenticated()
|
// .and().logout().logoutUrl("/admin/acl/index/logout")//退出路径
|
// .addLogoutHandler(new TokenLogoutHandler(tokenManager,redisTemplate)).and()
|
// .addFilter(new TokenLoginFilter(authenticationManager(), tokenManager, redisTemplate))
|
// .addFilter(new TokenAuthFilter(authenticationManager(), tokenManager, redisTemplate)).httpBasic();
|
// }
|
//
|
// //调用userDetailsService和密码处理
|
// @Override
|
// public void configure(AuthenticationManagerBuilder auth) throws Exception {
|
// auth.userDetailsService(userDetailsService).passwordEncoder(defaultPasswordEncoder);
|
// }
|
// //不进行认证的路径,可以直接访问
|
// @Override
|
// public void configure(WebSecurity web) throws Exception {
|
// web.ignoring().antMatchers("/api/**");
|
// }
|
//}
|
