|
|
@@ -1,6 +1,7 @@ |
|
|
|
package com.cnbm.admin.config; |
|
|
|
|
|
|
|
import com.cnbm.admin.filter.JwtAuthenticationTokenFilter; |
|
|
|
import com.cnbm.admin.handler.LogoutSuccessHandlerImpl; |
|
|
|
import com.cnbm.admin.service.impl.UserDetailsServiceImpl; |
|
|
|
import org.springframework.beans.factory.annotation.Autowired; |
|
|
|
import org.springframework.context.annotation.Bean; |
|
|
@@ -45,6 +46,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|
|
|
@Autowired |
|
|
|
private UserDetailsServiceImpl userDetailsService; |
|
|
|
|
|
|
|
@Autowired |
|
|
|
private LogoutSuccessHandlerImpl logoutSuccessHandler; |
|
|
|
|
|
|
|
|
|
|
|
@Override |
|
|
|
protected void configure(HttpSecurity http) throws Exception { |
|
|
@@ -56,14 +60,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|
|
|
.and() |
|
|
|
.authorizeRequests() |
|
|
|
// 对于登录接口 允许匿名访问 |
|
|
|
.antMatchers("/login","/swagger/**","/v2/**", |
|
|
|
.antMatchers("/login","/doLogout","/swagger/**","/v2/**", |
|
|
|
"/doc.html", |
|
|
|
"/swagger-resources/**", |
|
|
|
"/swagger-ui/**", |
|
|
|
"/webjars/**").anonymous() |
|
|
|
// .antMatchers("/testCors").hasAuthority("system:dept:list222") |
|
|
|
// 除上面外的所有请求全部需要鉴权认证 |
|
|
|
.anyRequest().authenticated(); |
|
|
|
.anyRequest() |
|
|
|
.authenticated() |
|
|
|
// 退出登录,默认为/logout,这里修改接口地址为 /doLogout |
|
|
|
.and().logout().logoutUrl("/doLogout") |
|
|
|
// 设置退出登录成功处理程序,退出成功后返回JSON字符串 |
|
|
|
.logoutSuccessHandler(logoutSuccessHandler); |
|
|
|
|
|
|
|
//添加过滤器 |
|
|
|
http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); |
|
|
|