WebSecurityConfigurerAdapter 过时更新

pull/203/head
wuzh 3 years ago
parent 2051819d2d
commit 5945537ade

@ -1,9 +1,10 @@
package com.ruoyi.modules.monitor.config;
import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
/**
@ -11,8 +12,8 @@ import org.springframework.security.web.authentication.SavedRequestAwareAuthenti
*
* @author ruoyi
*/
@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter
@EnableWebSecurity
public class WebSecurityConfigurer
{
private final String adminContextPath;
@ -21,29 +22,30 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception
@Bean
public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception
{
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/");
http
.headers().frameOptions().disable()
.and().authorizeRequests()
.antMatchers(adminContextPath + "/assets/**"
, adminContextPath + "/login"
, adminContextPath + "/actuator/**"
, adminContextPath + "/instances/**"
).permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login")
.successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout")
.and()
.httpBasic().and()
.csrf()
.disable();
return httpSecurity
.headers().frameOptions().disable()
.and().authorizeRequests()
.antMatchers(adminContextPath + "/assets/**"
, adminContextPath + "/login"
, adminContextPath + "/actuator/**"
, adminContextPath + "/instances/**"
).permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login")
.successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout")
.and()
.httpBasic().and()
.csrf()
.disable()
.build();
}
}

Loading…
Cancel
Save