义乌项目
blame | 历史 | 补丁 | 提交 | 提交对比 | show whitespace
zhoushihao
2024-04-24 a72412ea76015aa84883da72e643c63096c71a24 
 hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java


@@ -8,17 +8,27 @@


import org.springframework.security.authentication.AuthenticationManager;


import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;


import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;


import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


import org.springframework.security.config.http.SessionCreationPolicy;


import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


import org.springframework.security.crypto.password.PasswordEncoder;


import org.springframework.security.web.AuthenticationEntryPoint;


import org.springframework.security.web.access.AccessDeniedHandler;


import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;




@Configuration


//@EnableWebSecurity


@EnableWebSecurity


@EnableGlobalMethodSecurity(prePostEnabled = true)


public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired


    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;




    @Autowired


    private AuthenticationEntryPoint authenticationEntryPoint;




    @Autowired


    private AccessDeniedHandler accessDeniedHandler;




    @Bean


    public PasswordEncoder passwordEncoder() {


@@ -39,10 +49,16 @@


                .authorizeRequests()


                // 对于登录接口 允许匿名访问


                .antMatchers("/userinfo/login").anonymous()


                .antMatchers("/hello").permitAll()


                // 除上面外的所有请求全部需要鉴权认证


                .anyRequest().permitAll();


//        http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);


                .anyRequest().authenticated();


        http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);




        //配置异常处理器


        http.exceptionHandling()


                .authenticationEntryPoint(authenticationEntryPoint)


                .accessDeniedHandler(accessDeniedHandler);


        //允许跨域


        http.cors();


    }




    @Bean