派生自 YiWuProject
hangzhoumesParent/common/springsecurity/src/main/java/com/mes/config/TokenWebSecurityConfig.java
New file @@ -0,0 +1,69 @@ //package com.mes.config; // // //import com.mes.filter.TokenAuthFilter; //import com.mes.filter.TokenLoginFilter; //import com.mes.security.DefaultPasswordEncoder; //import com.mes.security.TokenLogoutHandler; //import com.mes.security.TokenManager; //import com.mes.security.UnauthEntryPoint; //import org.springframework.beans.factory.annotation.Autowired; //import org.springframework.context.annotation.Configuration; //import org.springframework.data.redis.core.RedisTemplate; //import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; //import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; //import org.springframework.security.config.annotation.web.builders.HttpSecurity; //import org.springframework.security.config.annotation.web.builders.WebSecurity; //import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; //import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; //import org.springframework.security.core.userdetails.UserDetailsService; // //@Configuration //@EnableWebSecurity //@EnableGlobalMethodSecurity(prePostEnabled = true) //public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter { // // private TokenManager tokenManager; // private RedisTemplate redisTemplate; // private DefaultPasswordEncoder defaultPasswordEncoder; // private UserDetailsService userDetailsService; // // @Autowired // public TokenWebSecurityConfig(UserDetailsService userDetailsService, DefaultPasswordEncoder defaultPasswordEncoder, // TokenManager tokenManager, RedisTemplate redisTemplate) { // this.userDetailsService = userDetailsService; // this.defaultPasswordEncoder = defaultPasswordEncoder; // this.tokenManager = tokenManager; // this.redisTemplate = redisTemplate; // } // // /** // * 配置设置 // * @param http // * @throws Exception // */ // //设置退出的地址和token,redis操作地址 // @Override // protected void configure(HttpSecurity http) throws Exception { // http.exceptionHandling() // .authenticationEntryPoint(new UnauthEntryPoint())//没有权限访问 // .and().csrf().disable() // .authorizeRequests() // .anyRequest().authenticated() // .and().logout().logoutUrl("/admin/acl/index/logout")//退出路径 // .addLogoutHandler(new TokenLogoutHandler(tokenManager,redisTemplate)).and() // .addFilter(new TokenLoginFilter(authenticationManager(), tokenManager, redisTemplate)) // .addFilter(new TokenAuthFilter(authenticationManager(), tokenManager, redisTemplate)).httpBasic(); // } // // //调用userDetailsService和密码处理 // @Override // public void configure(AuthenticationManagerBuilder auth) throws Exception { // auth.userDetailsService(userDetailsService).passwordEncoder(defaultPasswordEncoder); // } // //不进行认证的路径,可以直接访问 // @Override // public void configure(WebSecurity web) throws Exception { // web.ignoring().antMatchers("/api/**"); // } //}
