From 6d90aa0d86d4ef7d1eb4eda5dab1c10dc9e9df26 Mon Sep 17 00:00:00 2001
From: DESKTOP-71BH0QO\L、ming <172680469@qq.com>
Date: 星期二, 11 五月 2021 15:51:08 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/test' into test

---
 springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java |   25 ++++++++++++++-----------
 1 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
index 8d74a7e..0acae8f 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
@@ -1,10 +1,14 @@
 package com.panzhihua.zuul.config;
 
+import com.panzhihua.zuul.filters.AppletAuthenticationFilter;
 import com.panzhihua.zuul.filters.JWTAuthenticationTokenFilter;
 import com.panzhihua.zuul.filters.SercuritFilter;
 import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
 import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
+import org.springframework.boot.autoconfigure.security.SecurityProperties;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,6 +16,7 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 import javax.annotation.Resource;
 
@@ -34,6 +39,7 @@
      */
     @Resource
     private UserAuthAccessDeniedHandler userAuthAccessDeniedHandler;
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
@@ -49,16 +55,13 @@
                 .and()
                 // 配置没有权限自定义处理类
                 .exceptionHandling().accessDeniedHandler(userAuthAccessDeniedHandler)
-               .and()
-             .csrf().disable();
-            // 基于Token不需要session
-            http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
-            // 禁用缓存
-            http.headers().cacheControl();
-            http.addFilterBefore(new JWTAuthenticationTokenFilter(), AnonymousAuthenticationFilter.class);
-
-
-
-
+                .and()
+                .csrf().disable();
+        // 基于Token不需要session
+        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+        // 禁用缓存
+        http.headers().cacheControl();
+        http.addFilterBefore(new JWTAuthenticationTokenFilter(), AnonymousAuthenticationFilter.class);
     }
+
 }

--
Gitblit v1.7.1