From 7145ce07e6a84854fc1e5afd65b664c54a47bffd Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期三, 20 四月 2022 14:16:10 +0800
Subject: [PATCH] Merge pull request #439 from hotcoffie/wvp-28181-2.0

---
 src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java |   20 ++++++++++++++------
 1 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index 2841681..47cfdab 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -1,6 +1,8 @@
 package com.genersoft.iot.vmp.conf.security;
 
-import com.genersoft.iot.vmp.conf.UserSetup;
+import com.genersoft.iot.vmp.conf.UserSetting;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -24,8 +26,10 @@
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
+    private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
+
     @Autowired
-    private UserSetup userSetup;
+    private UserSetting userSetting;
 
     @Autowired
     private DefaultUserDetailsServiceImpl userDetailsService;
@@ -73,7 +77,7 @@
     @Override
     public void configure(WebSecurity web) {
 
-        if (!userSetup.isInterfaceAuthentication()) {
+        if (!userSetting.isInterfaceAuthentication()) {
             web.ignoring().antMatchers("**");
         }else {
             // 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹�
@@ -87,10 +91,14 @@
                     .antMatchers("/swagger-resources/**")
                     .antMatchers("/v3/api-docs/**")
                     .antMatchers("/js/**");
-            List<String> interfaceAuthenticationExcludes = userSetup.getInterfaceAuthenticationExcludes();
-            System.out.println(interfaceAuthenticationExcludes.size());
+            List<String> interfaceAuthenticationExcludes = userSetting.getInterfaceAuthenticationExcludes();
             for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) {
-                web.ignoring().antMatchers(interfaceAuthenticationExclude);
+                if (interfaceAuthenticationExclude.split("/").length < 4 ) {
+                    logger.warn("{}涓嶆弧瓒充袱绾х洰褰曪紝宸插拷鐣�", interfaceAuthenticationExclude);
+                }else {
+                    web.ignoring().antMatchers(interfaceAuthenticationExclude);
+                }
+
             }
         }
     }

--
Gitblit v1.8.0