调整

lyfO_o

2022-07-02 c3c1f64c7fe9d6dcefdccc18c691bf013465b492

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package com.gkhy.safePlatform.config.security;
 
import com.gkhy.safePlatform.config.security.customzie.CustomizeAccessDeniedHandler;
import com.gkhy.safePlatform.config.security.customzie.CustomizeAuthenticationEntryPoint;
import org.apache.dubbo.config.annotation.DubboReference;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
import javax.annotation.Resource;
 
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true,prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
    @Resource
    private CustomizeAccessDeniedHandler accessDeniedHandler;
 
    @Resource
    private CustomizeAuthenticationEntryPoint authenticationEntryPoint;
 
    @Resource
    private TokenAuthenticationFilter tokenAuthenticationFilter;
 
 
 
 
    @Override
    protected void configure(HttpSecurity http) throws Exception {
 
        // 关闭跨域攻击
        http.csrf().disable();
        // 关闭session
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        // 登录json放行
        http.authorizeRequests().antMatchers("/auth/login").permitAll();
        // 关闭
        http.headers().cacheControl();
        // jwt过滤器
        http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        // 请求认证访问
        http.authorizeRequests().anyRequest().authenticated();
        // 允许跨域访问
        http.cors();
 
    }
 
 
 
 
 
    /**
    * @Description: 自定义查询逻辑 & 密码处理器
    */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService());
    }
 
    /**
    * @Description: 自定义查询逻辑
    */
    @Bean
    @Qualifier("myUserDetailService")
    protected UserDetailsService userDetailsService(){
        return (username)-> (UserDetails) new Object();
    }
 
 
    @Override
    public void configure(WebSecurity web) {
        web.ignoring().mvcMatchers();
    }
}