| | |
|---|
| | | package com.genersoft.iot.vmp.conf.security; |
|---|
| | | |
|---|
| | | import com.genersoft.iot.vmp.conf.UserSetup; |
|---|
| | | import org.slf4j.Logger; |
|---|
| | | import org.slf4j.LoggerFactory; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.beans.factory.annotation.Value; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.context.annotation.Configuration; |
|---|
| | | import org.springframework.security.authentication.AuthenticationManager; |
|---|
| | |
|---|
| | | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
|---|
| | | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
|---|
| | | |
|---|
| | | import java.util.List; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 配置Spring Security |
|---|
| | | */ |
|---|
| | |
|---|
| | | @EnableWebSecurity |
|---|
| | | @EnableGlobalMethodSecurity(prePostEnabled = true) |
|---|
| | | public class WebSecurityConfig extends WebSecurityConfigurerAdapter { |
|---|
| | | |
|---|
| | | private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class); |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private UserSetup userSetup; |
|---|
| | |
|---|
| | | .antMatchers("/swagger-resources/**") |
|---|
| | | .antMatchers("/v3/api-docs/**") |
|---|
| | | .antMatchers("/js/**"); |
|---|
| | | List<String> interfaceAuthenticationExcludes = userSetup.getInterfaceAuthenticationExcludes(); |
|---|
| | | for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) { |
|---|
| | | if (interfaceAuthenticationExclude.split("/").length < 4 ) { |
|---|
| | | logger.warn("{}不满足两极目录,已忽略", interfaceAuthenticationExclude); |
|---|
| | | }else { |
|---|
| | | web.ignoring().antMatchers(interfaceAuthenticationExclude); |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
