From 6091a9cac0ef3236bd05137a5fae9a9cf1913ed4 Mon Sep 17 00:00:00 2001
From: wuyouming666 <2265557248@qq.com>
Date: 星期一, 29 四月 2024 16:03:21 +0800
Subject: [PATCH] Merge branch 'master' of http://10.153.19.25:10101/r/HangZhouMes
---
hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java | 64 ++++++--------------------------
1 files changed, 12 insertions(+), 52 deletions(-)
diff --git a/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java b/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
index e5f3071..e4a543e 100644
--- a/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
+++ b/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
@@ -2,40 +2,23 @@
import com.mes.common.filter.JwtAuthenticationTokenFilter;
-import com.mes.common.handler.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
-@EnableWebSecurity
+//@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
- @Autowired
- LoginFailureHandler loginFailureHandler;
-
- @Autowired
- LoginSuccessHandler loginSuccessHandler;
-
- @Autowired
- JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
-
- @Autowired
- JwtAccessDeniedHandler jwtAccessDeniedHandler;
-
- @Autowired
- JwtLogoutSuccessHandler jwtLogoutSuccessHandler;
@Bean
public PasswordEncoder passwordEncoder() {
@@ -47,42 +30,19 @@
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
-
- http.cors().and().csrf().disable()
-
- // 鐧诲綍閰嶇疆
- .formLogin()
- .successHandler(loginSuccessHandler)
- .failureHandler(loginFailureHandler)
-
- .and()
- .logout()
- .logoutSuccessHandler(jwtLogoutSuccessHandler)
-
- // 绂佺敤session
- .and()
- .sessionManagement()
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-
- // 閰嶇疆鎷︽埅瑙勫垯
+ http
+ //鍏抽棴csrf
+ .csrf().disable()
+ //涓嶉�氳繃Session鑾峰彇SecurityContext
+ .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
- .antMatchers("/sys/user/login").anonymous()
- .antMatchers("/swagger-ui.html").permitAll()
- .antMatchers("/webjars/**").permitAll()
- .antMatchers("/v2/**").permitAll()
- .antMatchers("/swagger-resources/**").permitAll()
- .anyRequest().authenticated()
-
- // 寮傚父澶勭悊鍣�
- .and()
- .exceptionHandling()
- .authenticationEntryPoint(jwtAuthenticationEntryPoint)
- .accessDeniedHandler(jwtAccessDeniedHandler)
-
- // 閰嶇疆鑷畾涔夌殑杩囨护鍣�
- .and()
- .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
+ // 瀵逛簬鐧诲綍鎺ュ彛 鍏佽鍖垮悕璁块棶
+ .antMatchers("/userinfo/login").anonymous()
+ .antMatchers("/hello").permitAll()
+ // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
+ .anyRequest().permitAll();
+// http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
@Bean
--
Gitblit v1.8.0