From 08bae96ce03625f054f3977147a7e9861c51209d Mon Sep 17 00:00:00 2001
From: wuyouming666 <2265557248@qq.com>
Date: 星期五, 28 六月 2024 08:21:52 +0800
Subject: [PATCH] Merge branch 'master' of http://10.153.19.25:10101/r/HangZhouMes
---
hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java | 94 +++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 94 insertions(+), 0 deletions(-)
diff --git a/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java b/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
new file mode 100644
index 0000000..a130533
--- /dev/null
+++ b/hangzhoumesParent/common/springsecurity/src/main/java/com/mes/common/config/TokenWebSecurityConfig.java
@@ -0,0 +1,94 @@
+package com.mes.common.config;
+
+
+import com.mes.common.filter.JwtAuthenticationTokenFilter;
+import com.mes.common.handler.*;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {
+ @Autowired
+ private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
+ @Autowired
+ LoginFailureHandler loginFailureHandler;
+
+ @Autowired
+ LoginSuccessHandler loginSuccessHandler;
+
+ @Autowired
+ JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+
+ @Autowired
+ JwtAccessDeniedHandler jwtAccessDeniedHandler;
+
+ @Autowired
+ JwtLogoutSuccessHandler jwtLogoutSuccessHandler;
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+ /**
+ * 閰嶇疆杩囨护瑙勫垯
+ */
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+
+ http.cors().and().csrf().disable()
+
+ // 鐧诲綍閰嶇疆
+ .formLogin()
+ .successHandler(loginSuccessHandler)
+ .failureHandler(loginFailureHandler)
+
+ .and()
+ .logout()
+ .logoutSuccessHandler(jwtLogoutSuccessHandler)
+
+ // 绂佺敤session
+ .and()
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+ // 閰嶇疆鎷︽埅瑙勫垯
+ .and()
+ .authorizeRequests()
+ .antMatchers("/sys/user/login").anonymous()
+ .antMatchers("/swagger-ui.html").permitAll()
+ .antMatchers("/webjars/**").permitAll()
+ .antMatchers("/v2/**").permitAll()
+ .antMatchers("/swagger-resources/**").permitAll()
+ .antMatchers("/**").permitAll()
+ .anyRequest().authenticated()
+
+ // 寮傚父澶勭悊鍣�
+ .and()
+ .exceptionHandling()
+ .authenticationEntryPoint(jwtAuthenticationEntryPoint)
+ .accessDeniedHandler(jwtAccessDeniedHandler)
+
+ // 閰嶇疆鑷畾涔夌殑杩囨护鍣�
+ .and()
+ .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
+ }
+
+ @Bean
+ @Override
+ public AuthenticationManager authenticationManagerBean() throws Exception {
+ return super.authenticationManagerBean();
+ }
+}
--
Gitblit v1.8.0