From 3a40dbb060a59e623426e1e26ef8b6f2625c15f2 Mon Sep 17 00:00:00 2001
From: CeDo <cedoogle@gmail.com>
Date: 星期四, 06 五月 2021 14:01:19 +0800
Subject: [PATCH] Default Changelist

---
 springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
index 71bc6f9..f6feb77 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
@@ -5,7 +5,10 @@
 import com.panzhihua.zuul.filters.SercuritFilter;
 import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
 import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
+import org.springframework.boot.autoconfigure.security.SecurityProperties;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -13,6 +16,7 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 import javax.annotation.Resource;
 
@@ -24,6 +28,7 @@
  **/
 @Configuration
 @EnableWebSecurity
+@Order(SecurityProperties.BASIC_AUTH_ORDER-1)
 public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Resource
@@ -57,7 +62,7 @@
         http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
         // 禁用缓存
         http.headers().cacheControl();
-        http.antMatcher("/api/applet/**").addFilterBefore(new AppletAuthenticationFilter(), AnonymousAuthenticationFilter.class);
         http.addFilterBefore(new JWTAuthenticationTokenFilter(), AnonymousAuthenticationFilter.class);
     }
+
 }

--
Gitblit v1.7.1