| package com.ruoyi.modules.monitor.config; | 
|   | 
| import de.codecentric.boot.admin.server.config.AdminServerProperties; | 
| import org.springframework.context.annotation.Bean; | 
| import org.springframework.security.config.annotation.web.builders.HttpSecurity; | 
| import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; | 
| import org.springframework.security.web.SecurityFilterChain; | 
| import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; | 
|   | 
| /** | 
|  * 监控权限配置 | 
|  * | 
|  * @author ruoyi | 
|  */ | 
| @EnableWebSecurity | 
| public class WebSecurityConfigurer { | 
|     private final String adminContextPath; | 
|   | 
|     public WebSecurityConfigurer(AdminServerProperties adminServerProperties) { | 
|         this.adminContextPath = adminServerProperties.getContextPath(); | 
|     } | 
|   | 
|     @Bean | 
|     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { | 
|         SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); | 
|         successHandler.setTargetUrlParameter("redirectTo"); | 
|         successHandler.setDefaultTargetUrl(adminContextPath + "/"); | 
|   | 
|         return httpSecurity | 
|                 .headers().frameOptions().disable() | 
|                 .and().authorizeRequests() | 
|                 .antMatchers(adminContextPath + "/assets/**" | 
|                         , adminContextPath + "/login" | 
|                         , adminContextPath + "/actuator/**" | 
|                         , adminContextPath + "/instances/**" | 
|                 ).permitAll() | 
|                 .anyRequest().authenticated() | 
|                 .and() | 
|                 .formLogin().loginPage(adminContextPath + "/login") | 
|                 .successHandler(successHandler).and() | 
|                 .logout().logoutUrl(adminContextPath + "/logout") | 
|                 .and() | 
|                 .httpBasic().and() | 
|                 .csrf() | 
|                 .disable() | 
|                 .build(); | 
|     } | 
| } |