From 93e36c526fe445c14d5fb19f3653f8a8e55e3a6c Mon Sep 17 00:00:00 2001
From: wang <3597712270@qq.com>
Date: 星期四, 09 五月 2024 15:49:34 +0800
Subject: [PATCH] Merge branch 'master' of http://10.153.19.25:10101/r/HangZhouMes
---
hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java | 64 ++++++++++++++++++++++++++------
1 files changed, 52 insertions(+), 12 deletions(-)
diff --git a/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java b/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
index e4a543e..e5f3071 100644
--- a/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
+++ b/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
@@ -2,23 +2,40 @@
import com.mes.common.filter.JwtAuthenticationTokenFilter;
+import com.mes.common.handler.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@Configuration
-//@EnableWebSecurity
+@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
+ @Autowired
+ LoginFailureHandler loginFailureHandler;
+
+ @Autowired
+ LoginSuccessHandler loginSuccessHandler;
+
+ @Autowired
+ JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+
+ @Autowired
+ JwtAccessDeniedHandler jwtAccessDeniedHandler;
+
+ @Autowired
+ JwtLogoutSuccessHandler jwtLogoutSuccessHandler;
@Bean
public PasswordEncoder passwordEncoder() {
@@ -30,19 +47,42 @@
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
- http
- //鍏抽棴csrf
- .csrf().disable()
- //涓嶉�氳繃Session鑾峰彇SecurityContext
- .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+ http.cors().and().csrf().disable()
+
+ // 鐧诲綍閰嶇疆
+ .formLogin()
+ .successHandler(loginSuccessHandler)
+ .failureHandler(loginFailureHandler)
+
+ .and()
+ .logout()
+ .logoutSuccessHandler(jwtLogoutSuccessHandler)
+
+ // 绂佺敤session
+ .and()
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+ // 閰嶇疆鎷︽埅瑙勫垯
.and()
.authorizeRequests()
- // 瀵逛簬鐧诲綍鎺ュ彛 鍏佽鍖垮悕璁块棶
- .antMatchers("/userinfo/login").anonymous()
- .antMatchers("/hello").permitAll()
- // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
- .anyRequest().permitAll();
-// http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
+ .antMatchers("/sys/user/login").anonymous()
+ .antMatchers("/swagger-ui.html").permitAll()
+ .antMatchers("/webjars/**").permitAll()
+ .antMatchers("/v2/**").permitAll()
+ .antMatchers("/swagger-resources/**").permitAll()
+ .anyRequest().authenticated()
+
+ // 寮傚父澶勭悊鍣�
+ .and()
+ .exceptionHandling()
+ .authenticationEntryPoint(jwtAuthenticationEntryPoint)
+ .accessDeniedHandler(jwtAccessDeniedHandler)
+
+ // 閰嶇疆鑷畾涔夌殑杩囨护鍣�
+ .and()
+ .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
@Bean
--
Gitblit v1.8.0