From 7a8e31ceb01c7eb27d90197ec91efdfce4bedb41 Mon Sep 17 00:00:00 2001
From: 张天森 <1292933220@qq.com>
Date: 星期三, 16 十一月 2022 18:00:39 +0800
Subject: [PATCH] Merge branch 'huacheng_test' into haucheng_panzhihua

---
 springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/config/SecurityConfig.java |   78 +++++++++++++++++++-------------------
 1 files changed, 39 insertions(+), 39 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/config/SecurityConfig.java b/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/config/SecurityConfig.java
index 098c26a..02ad139 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/config/SecurityConfig.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/config/SecurityConfig.java
@@ -1,11 +1,9 @@
 package com.panzhihua.auth.config;
 
+import javax.annotation.Resource;
 
-import com.panzhihua.auth.handel.UserAuthenticationProvider;
-import com.panzhihua.auth.handel.UserLoginFailureHandler;
-import com.panzhihua.auth.handel.UserLoginSuccessHandler;
-import com.panzhihua.auth.handel.UserLogoutSuccessHandler;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -14,12 +12,17 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
-import javax.annotation.Resource;
+import com.panzhihua.auth.handel.AjaxAuthenticationEntryPoint;
+import com.panzhihua.auth.handel.UserAuthenticationProvider;
+import com.panzhihua.auth.handel.UserLoginFailureHandler;
+import com.panzhihua.auth.handel.UserLogoutSuccessHandler;
 
 /**
  * SpringSecurity配置类
+ * 
  * @Author youcong
  */
+@Configuration
 @EnableWebSecurity
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
     /**
@@ -28,22 +31,28 @@
     @Resource
     private UserAuthenticationProvider userAuthenticationProvider;
 
+    public static void main(String[] args) {
+        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
+        String encode = bCryptPasswordEncoder.encode("123456");
+        System.out.println(encode);
+    }
+
     /**
      * 加密方式
+     *
      * @Author youcong
      */
     @Bean
-    public BCryptPasswordEncoder bCryptPasswordEncoder(){
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
         return new BCryptPasswordEncoder();
     }
-
 
     /**
      * 配置登录验证逻辑
      */
     @Override
-    protected void configure(AuthenticationManagerBuilder auth){
-        //这里可启用我们自己的登陆验证逻辑
+    protected void configure(AuthenticationManagerBuilder auth) {
+        // 这里可启用我们自己的登陆验证逻辑
         auth.authenticationProvider(userAuthenticationProvider);
     }
 
@@ -55,49 +64,40 @@
      */
     @Bean
     @Override
-    public AuthenticationManager authenticationManagerBean() throws Exception
-    {
+    public AuthenticationManager authenticationManagerBean() throws Exception {
         return super.authenticationManagerBean();
     }
+
     /**
      * 配置security的控制逻辑
+     *
      * @Author youcong
-     * @Param  http 请求
+     * @Param http 请求
      */
     @Override
     protected void configure(HttpSecurity http) throws Exception {
 
-        http.authorizeRequests()
-                .anyRequest().permitAll()
-                .and()
-                // 配置登录成功自定义处理类
-                .formLogin()
-                .successHandler(new UserLoginSuccessHandler())
-                // 配置登录失败自定义处理类
-                .failureHandler(new UserLoginFailureHandler())
-                .and()
-                // 配置登出地址
-                .logout()
-                .logoutUrl("/login/userLogout")
-                // 配置用户登出自定义处理类
-                .logoutSuccessHandler(new UserLogoutSuccessHandler())
-                .and()
-                // 开启跨域
-                .cors()
-                .and()
-                // 取消跨站请求伪造防护
-                .csrf().disable();
+        http.authorizeRequests().anyRequest().permitAll().and()
+            // 配置登录成功自定义处理类
+            .formLogin()
+            // .successHandler(new UserLoginSuccessHandler())
+            // 配置登录失败自定义处理类
+            .failureHandler(new UserLoginFailureHandler()).and()
+            // 配置登出地址
+            .logout().logoutUrl("/login/userLogout")
+            // 配置用户登出自定义处理类
+            .logoutSuccessHandler(new UserLogoutSuccessHandler()).and()
+            // 开启跨域
+            .cors()
+            // 异常处理(权限拒绝、登录失效等)
+            .and().exceptionHandling().authenticationEntryPoint(new AjaxAuthenticationEntryPoint())// 匿名用户访问无权限资源时的异常处理;
+            .and()
+            // 取消跨站请求伪造防护
+            .csrf().disable();
         // 基于Token不需要session
         http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
         // 禁用缓存
         http.headers().cacheControl();
 
-
-    }
-
-    public static void main(String[] args) {
-        BCryptPasswordEncoder bCryptPasswordEncoder=new BCryptPasswordEncoder();
-        String encode = bCryptPasswordEncoder.encode("123456");
-        System.out.println(encode);
     }
 }

--
Gitblit v1.7.1