From e7ff00a506c9290dcd75c5e087cae0efbf6fa5c1 Mon Sep 17 00:00:00 2001
From: 101captain <237651143@qq.com>
Date: 星期一, 11 七月 2022 17:01:56 +0800
Subject: [PATCH] 导出不带截图接口
---
springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java | 42 ++++++++++++++++--------------------------
1 files changed, 16 insertions(+), 26 deletions(-)
diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
index f6feb77..2bd8056 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/config/SpringSecurityConfig.java
@@ -1,14 +1,8 @@
package com.panzhihua.zuul.config;
-import com.panzhihua.zuul.filters.AppletAuthenticationFilter;
-import com.panzhihua.zuul.filters.JWTAuthenticationTokenFilter;
-import com.panzhihua.zuul.filters.SercuritFilter;
-import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
-import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.context.annotation.Bean;
+import javax.annotation.Resource;
+
import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -16,9 +10,11 @@
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import javax.annotation.Resource;
+import com.panzhihua.zuul.filters.JWTAuthenticationTokenFilter;
+import com.panzhihua.zuul.filters.SercuritFilter;
+import com.panzhihua.zuul.handles.UserAuthAccessDeniedHandler;
+import com.panzhihua.zuul.manager.RoleAccessDecisionManager;
/**
* @program: springcloud_k8s_panzhihuazhihuishequ
@@ -28,7 +24,6 @@
**/
@Configuration
@EnableWebSecurity
-@Order(SecurityProperties.BASIC_AUTH_ORDER-1)
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
@@ -43,21 +38,16 @@
@Override
protected void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests()
- .withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
- @Override
- public <O extends FilterSecurityInterceptor> O postProcess(O o) {
- o.setAccessDecisionManager(roleAccessDecisionManager);
- o.setSecurityMetadataSource(filter);
- return o;
- }
- })
- .anyRequest().authenticated()
- .and()
- // 配置没有权限自定义处理类
- .exceptionHandling().accessDeniedHandler(userAuthAccessDeniedHandler)
- .and()
- .csrf().disable();
+ http.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
+ @Override
+ public <O extends FilterSecurityInterceptor> O postProcess(O o) {
+ o.setAccessDecisionManager(roleAccessDecisionManager);
+ o.setSecurityMetadataSource(filter);
+ return o;
+ }
+ }).anyRequest().authenticated().and()
+ // 配置没有权限自定义处理类
+ .exceptionHandling().accessDeniedHandler(userAuthAccessDeniedHandler).and().csrf().disable();
// 基于Token不需要session
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// 禁用缓存
--
Gitblit v1.7.1