Yangkai.Shen
5 years ago
1 changed files with 19 additions and 56 deletions
Unified View
Diff Options
-
+19 -56spring-boot-demo-rbac-security/src/main/java/com/xkcoding/rbac/security/config/SecurityConfig.java
+ 19
- 56
spring-boot-demo-rbac-security/src/main/java/com/xkcoding/rbac/security/config/SecurityConfig.java
View File
| @@ -59,24 +59,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { | |||||
| @Override | @Override | ||||
| protected void configure(AuthenticationManagerBuilder auth) throws Exception { | protected void configure(AuthenticationManagerBuilder auth) throws Exception { | ||||
| auth.userDetailsService(customUserDetailsService) | |||||
| .passwordEncoder(encoder()); | |||||
| auth.userDetailsService(customUserDetailsService).passwordEncoder(encoder()); | |||||
| } | } | ||||
| @Override | @Override | ||||
| protected void configure(HttpSecurity http) throws Exception { | protected void configure(HttpSecurity http) throws Exception { | ||||
| http.cors() | |||||
| // @formatter:off | |||||
| http.cors() | |||||
| // 关闭 CSRF | // 关闭 CSRF | ||||
| .and() | |||||
| .csrf() | |||||
| .disable() | |||||
| .and().csrf().disable() | |||||
| // 登录行为由自己实现,参考 AuthController#login | // 登录行为由自己实现,参考 AuthController#login | ||||
| .formLogin() | |||||
| .disable() | |||||
| .httpBasic() | |||||
| .disable() | |||||
| .formLogin().disable() | |||||
| .httpBasic().disable() | |||||
| // 认证请求 | // 认证请求 | ||||
| .authorizeRequests() | .authorizeRequests() | ||||
| @@ -88,19 +83,15 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { | |||||
| .access("@rbacAuthorityService.hasPermission(request,authentication)") | .access("@rbacAuthorityService.hasPermission(request,authentication)") | ||||
| // 登出行为由自己实现,参考 AuthController#logout | // 登出行为由自己实现,参考 AuthController#logout | ||||
| .and() | |||||
| .logout() | |||||
| .disable() | |||||
| .and().logout().disable() | |||||
| // Session 管理 | // Session 管理 | ||||
| .sessionManagement() | .sessionManagement() | ||||
| // 因为使用了JWT,所以这里不管理Session | // 因为使用了JWT,所以这里不管理Session | ||||
| .sessionCreationPolicy(SessionCreationPolicy.STATELESS) | .sessionCreationPolicy(SessionCreationPolicy.STATELESS) | ||||
| // 异常处理 | // 异常处理 | ||||
| .and() | |||||
| .exceptionHandling() | |||||
| .accessDeniedHandler(accessDeniedHandler); | |||||
| .and().exceptionHandling().accessDeniedHandler(accessDeniedHandler); | |||||
| // @formatter:on | |||||
| // 添加自定义 JWT 过滤器 | // 添加自定义 JWT 过滤器 | ||||
| http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); | http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); | ||||
| @@ -113,62 +104,34 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { | |||||
| */ | */ | ||||
| @Override | @Override | ||||
| public void configure(WebSecurity web) { | public void configure(WebSecurity web) { | ||||
| WebSecurity and = web.ignoring() | |||||
| .and(); | |||||
| WebSecurity and = web.ignoring().and(); | |||||
| // 忽略 GET | // 忽略 GET | ||||
| customConfig.getIgnores() | |||||
| .getGet() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.GET, url)); | |||||
| customConfig.getIgnores().getGet().forEach(url -> and.ignoring().antMatchers(HttpMethod.GET, url)); | |||||
| // 忽略 POST | // 忽略 POST | ||||
| customConfig.getIgnores() | |||||
| .getPost() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.POST, url)); | |||||
| customConfig.getIgnores().getPost().forEach(url -> and.ignoring().antMatchers(HttpMethod.POST, url)); | |||||
| // 忽略 DELETE | // 忽略 DELETE | ||||
| customConfig.getIgnores() | |||||
| .getDelete() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.DELETE, url)); | |||||
| customConfig.getIgnores().getDelete().forEach(url -> and.ignoring().antMatchers(HttpMethod.DELETE, url)); | |||||
| // 忽略 PUT | // 忽略 PUT | ||||
| customConfig.getIgnores() | |||||
| .getPut() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.PUT, url)); | |||||
| customConfig.getIgnores().getPut().forEach(url -> and.ignoring().antMatchers(HttpMethod.PUT, url)); | |||||
| // 忽略 HEAD | // 忽略 HEAD | ||||
| customConfig.getIgnores() | |||||
| .getHead() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.HEAD, url)); | |||||
| customConfig.getIgnores().getHead().forEach(url -> and.ignoring().antMatchers(HttpMethod.HEAD, url)); | |||||
| // 忽略 PATCH | // 忽略 PATCH | ||||
| customConfig.getIgnores() | |||||
| .getPatch() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.PATCH, url)); | |||||
| customConfig.getIgnores().getPatch().forEach(url -> and.ignoring().antMatchers(HttpMethod.PATCH, url)); | |||||
| // 忽略 OPTIONS | // 忽略 OPTIONS | ||||
| customConfig.getIgnores() | |||||
| .getOptions() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.OPTIONS, url)); | |||||
| customConfig.getIgnores().getOptions().forEach(url -> and.ignoring().antMatchers(HttpMethod.OPTIONS, url)); | |||||
| // 忽略 TRACE | // 忽略 TRACE | ||||
| customConfig.getIgnores() | |||||
| .getTrace() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(HttpMethod.TRACE, url)); | |||||
| customConfig.getIgnores().getTrace().forEach(url -> and.ignoring().antMatchers(HttpMethod.TRACE, url)); | |||||
| // 按照请求格式忽略 | // 按照请求格式忽略 | ||||
| customConfig.getIgnores() | |||||
| .getPattern() | |||||
| .forEach(url -> and.ignoring() | |||||
| .antMatchers(url)); | |||||
| customConfig.getIgnores().getPattern().forEach(url -> and.ignoring().antMatchers(url)); | |||||
| } | } | ||||
| } | } | ||||