From 43f0578e80af82ecae6c61b51bd0539c6b960603 Mon Sep 17 00:00:00 2001
From: puhanshu <a9236326>
Date: 星期二, 16 八月 2022 19:08:32 +0800
Subject: [PATCH] 服务范围优化

---
 springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java |   39 +++++++++++++++++----------------------
 1 files changed, 17 insertions(+), 22 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
index 71bc6f9..2bd8056 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
@@ -1,10 +1,7 @@
 package com.panzhihua.zuul.config;
 
-import com.panzhihua.zuul.filters.AppletAuthenticationFilter;
-import com.panzhihua.zuul.filters.JWTAuthenticationTokenFilter;
-import com.panzhihua.zuul.filters.SercuritFilter;
-import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
-import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
+import javax.annotation.Resource;
+
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -14,7 +11,10 @@
 import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
 
-import javax.annotation.Resource;
+import com.panzhihua.zuul.filters.JWTAuthenticationTokenFilter;
+import com.panzhihua.zuul.filters.SercuritFilter;
+import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
+import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
 
 /**
  * @program: springcloud_k8s_panzhihuazhihuishequ
@@ -38,26 +38,21 @@
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests()
-                .withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
-                    @Override
-                    public <O extends FilterSecurityInterceptor> O postProcess(O o) {
-                        o.setAccessDecisionManager(roleAccessDecisionManager);
-                        o.setSecurityMetadataSource(filter);
-                        return o;
-                    }
-                })
-                .anyRequest().authenticated()
-                .and()
-                // 配置没有权限自定义处理类
-                .exceptionHandling().accessDeniedHandler(userAuthAccessDeniedHandler)
-                .and()
-                .csrf().disable();
+        http.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
+            @Override
+            public <O extends FilterSecurityInterceptor> O postProcess(O o) {
+                o.setAccessDecisionManager(roleAccessDecisionManager);
+                o.setSecurityMetadataSource(filter);
+                return o;
+            }
+        }).anyRequest().authenticated().and()
+            // 配置没有权限自定义处理类
+            .exceptionHandling().accessDeniedHandler(userAuthAccessDeniedHandler).and().csrf().disable();
         // 基于Token不需要session
         http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
         // 禁用缓存
         http.headers().cacheControl();
-        http.antMatcher("/api/applet/**").addFilterBefore(new AppletAuthenticationFilter(), AnonymousAuthenticationFilter.class);
         http.addFilterBefore(new JWTAuthenticationTokenFilter(), AnonymousAuthenticationFilter.class);
     }
+
 }

--
Gitblit v1.7.1