|
@@ -1,10 +1,14 @@ |
|
|
package com.cnbm.admin.config; |
|
|
package com.cnbm.admin.config; |
|
|
|
|
|
|
|
|
import com.cnbm.admin.filter.JwtAuthenticationTokenFilter; |
|
|
import com.cnbm.admin.filter.JwtAuthenticationTokenFilter; |
|
|
|
|
|
import com.cnbm.admin.service.impl.UserDetailsServiceImpl; |
|
|
import org.springframework.beans.factory.annotation.Autowired; |
|
|
import org.springframework.beans.factory.annotation.Autowired; |
|
|
import org.springframework.context.annotation.Bean; |
|
|
import org.springframework.context.annotation.Bean; |
|
|
import org.springframework.context.annotation.Configuration; |
|
|
import org.springframework.context.annotation.Configuration; |
|
|
import org.springframework.security.authentication.AuthenticationManager; |
|
|
import org.springframework.security.authentication.AuthenticationManager; |
|
|
|
|
|
import org.springframework.security.authentication.AuthenticationProvider; |
|
|
|
|
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider; |
|
|
|
|
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; |
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; |
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
|
@@ -38,6 +42,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|
|
@Autowired |
|
|
@Autowired |
|
|
private AccessDeniedHandler accessDeniedHandler; |
|
|
private AccessDeniedHandler accessDeniedHandler; |
|
|
|
|
|
|
|
|
|
|
|
@Autowired |
|
|
|
|
|
private UserDetailsServiceImpl userDetailsService; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override |
|
|
@Override |
|
|
protected void configure(HttpSecurity http) throws Exception { |
|
|
protected void configure(HttpSecurity http) throws Exception { |
|
|
http |
|
|
http |
|
@@ -75,4 +83,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|
|
public AuthenticationManager authenticationManagerBean() throws Exception { |
|
|
public AuthenticationManager authenticationManagerBean() throws Exception { |
|
|
return super.authenticationManagerBean(); |
|
|
return super.authenticationManagerBean(); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Bean |
|
|
|
|
|
public AuthenticationProvider daoAuthenticationProvider() { |
|
|
|
|
|
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); |
|
|
|
|
|
daoAuthenticationProvider.setUserDetailsService(userDetailsService); |
|
|
|
|
|
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder()); |
|
|
|
|
|
daoAuthenticationProvider.setHideUserNotFoundExceptions(false); |
|
|
|
|
|
return daoAuthenticationProvider; |
|
|
|
|
|
} |
|
|
|
|
|
@Override |
|
|
|
|
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception { |
|
|
|
|
|
// 加入自定义认证, 无需配置userDetailsService,否则会执行默认的provider |
|
|
|
|
|
// auth.authenticationProvider(myAuthenticationProvider()); |
|
|
|
|
|
/* auth.userDetailsService(userService) |
|
|
|
|
|
.passwordEncoder(passwordEncoder());*/ |
|
|
|
|
|
auth.authenticationProvider(daoAuthenticationProvider()); |
|
|
|
|
|
} |
|
|
} |
|
|
} |