|  |  |  | 
|---|
|  |  |  | package com.genersoft.iot.vmp.conf.security; | 
|---|
|  |  |  |  | 
|---|
|  |  |  | import com.genersoft.iot.vmp.conf.UserSetup; | 
|---|
|  |  |  | import org.slf4j.Logger; | 
|---|
|  |  |  | import org.slf4j.LoggerFactory; | 
|---|
|  |  |  | import org.springframework.beans.factory.annotation.Autowired; | 
|---|
|  |  |  | import org.springframework.beans.factory.annotation.Value; | 
|---|
|  |  |  | import org.springframework.context.annotation.Bean; | 
|---|
|  |  |  | import org.springframework.context.annotation.Configuration; | 
|---|
|  |  |  | import org.springframework.security.authentication.AuthenticationManager; | 
|---|
|  |  |  | 
|---|
|  |  |  | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; | 
|---|
|  |  |  | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | 
|---|
|  |  |  |  | 
|---|
|  |  |  | import java.util.List; | 
|---|
|  |  |  |  | 
|---|
|  |  |  | /** | 
|---|
|  |  |  | * 配置Spring Security | 
|---|
|  |  |  | */ | 
|---|
|  |  |  | 
|---|
|  |  |  | @EnableGlobalMethodSecurity(prePostEnabled = true) | 
|---|
|  |  |  | public class WebSecurityConfig extends WebSecurityConfigurerAdapter { | 
|---|
|  |  |  |  | 
|---|
|  |  |  | @Value("${userSettings.interfaceAuthentication}") | 
|---|
|  |  |  | private boolean interfaceAuthentication; | 
|---|
|  |  |  | private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class); | 
|---|
|  |  |  |  | 
|---|
|  |  |  | @Autowired | 
|---|
|  |  |  | private UserSetup userSetup; | 
|---|
|  |  |  |  | 
|---|
|  |  |  | @Autowired | 
|---|
|  |  |  | private DefaultUserDetailsServiceImpl userDetailsService; | 
|---|
|  |  |  | 
|---|
|  |  |  | @Override | 
|---|
|  |  |  | public void configure(WebSecurity web) { | 
|---|
|  |  |  |  | 
|---|
|  |  |  | if (!interfaceAuthentication) { | 
|---|
|  |  |  | if (!userSetup.isInterfaceAuthentication()) { | 
|---|
|  |  |  | web.ignoring().antMatchers("**"); | 
|---|
|  |  |  | }else { | 
|---|
|  |  |  | // 可以直接访问的静态数据 | 
|---|
|  |  |  | 
|---|
|  |  |  | .antMatchers("/swagger-resources/**") | 
|---|
|  |  |  | .antMatchers("/v3/api-docs/**") | 
|---|
|  |  |  | .antMatchers("/js/**"); | 
|---|
|  |  |  | List<String> interfaceAuthenticationExcludes = userSetup.getInterfaceAuthenticationExcludes(); | 
|---|
|  |  |  | for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) { | 
|---|
|  |  |  | if (interfaceAuthenticationExclude.split("/").length < 4 ) { | 
|---|
|  |  |  | logger.warn("{}不满足两级目录,已忽略", interfaceAuthenticationExclude); | 
|---|
|  |  |  | }else { | 
|---|
|  |  |  | web.ignoring().antMatchers(interfaceAuthenticationExclude); | 
|---|
|  |  |  | } | 
|---|
|  |  |  |  | 
|---|
|  |  |  | } | 
|---|
|  |  |  | } | 
|---|
|  |  |  | } | 
|---|
|  |  |  |  | 
|---|