From 10cc0db30a1be5377e4c09bce349014a667849b6 Mon Sep 17 00:00:00 2001
From: puhanshu <a9236326>
Date: 星期三, 12 一月 2022 13:21:08 +0800
Subject: [PATCH] Merge branch 'phs' into test

---
 springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java |   58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 58 insertions(+), 0 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
new file mode 100644
index 0000000..2bd8056
--- /dev/null
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
@@ -0,0 +1,58 @@
+package com.panzhihua.zuul.config;
+
+import javax.annotation.Resource;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.ObjectPostProcessor;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
+import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
+
+import com.panzhihua.zuul.filters.JWTAuthenticationTokenFilter;
+import com.panzhihua.zuul.filters.SercuritFilter;
+import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
+import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
+
+/**
+ * @program: springcloud_k8s_panzhihuazhihuishequ
+ * @description: 安全
+ * @author: huang.hongfa weixin hhf9596 qq 959656820
+ * @create: 2020-11-25 10:57
+ **/
+@Configuration
+@EnableWebSecurity
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Resource
+    private SercuritFilter filter;
+    @Resource
+    private RoleAccessDecisionManager roleAccessDecisionManager;
+    /**
+     * 自定义暂无权限处理器
+     */
+    @Resource
+    private UserAuthAccessDeniedHandler userAuthAccessDeniedHandler;
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
+            @Override
+            public <O extends FilterSecurityInterceptor> O postProcess(O o) {
+                o.setAccessDecisionManager(roleAccessDecisionManager);
+                o.setSecurityMetadataSource(filter);
+                return o;
+            }
+        }).anyRequest().authenticated().and()
+            // 配置没有权限自定义处理类
+            .exceptionHandling().accessDeniedHandler(userAuthAccessDeniedHandler).and().csrf().disable();
+        // 基于Token不需要session
+        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+        // 禁用缓存
+        http.headers().cacheControl();
+        http.addFilterBefore(new JWTAuthenticationTokenFilter(), AnonymousAuthenticationFilter.class);
+    }
+
+}

--
Gitblit v1.7.1