SpringBoot2.6.15 SpringSecurity配置

/*

package cab.bear.config.security;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.context.annotation.Bean;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.config.annotation.ObjectPostProcessor;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.web.AuthenticationEntryPoint;

import org.springframework.security.web.access.AccessDeniedHandler;

import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import cab.bear.config.security.filter.CodeAuthenticationFilter;

import cab.bear.config.security.filter.JwtAuthenticationFilter;

// 基于spring-boot 2.6.15,SpringSecurity配置类

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

public class WebSecurityConfigurerAdapterExte extends WebSecurityConfigurerAdapter {

// 用于鉴定用户是否可以访问被保护的资源

@Autowired

AccessDecisionManagerImpl accessDecisionManagerImpl;

// 用于设置受保护的资源信息数据源

@Autowired

FilterInvocationSecurityMetadataSourceImpl filterInvocationSecurityMetadataSourceImpl;

@Autowired

UserDetailsServiceImpl userDetailsServiceImpl;

@Autowired

AuthenticationFailureHandler authenticationFailureHandler;

@Autowired

AuthenticationSuccessHandler authenticationSuccessHandler;

@Autowired

AccessDeniedHandler accessDeniedHandler;

@Autowired

AuthenticationEntryPoint authenticationEntryPoint;

@Bean

JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception {

JwtAuthenticationFilter jwtAuthenticationFilter = new JwtAuthenticationFilter(authenticationManager());

return jwtAuthenticationFilter;

}

@Bean

CodeAuthenticationFilter codeAuthenticationFilter() throws Exception {

return new CodeAuthenticationFilter();

}

@Override

protected void configure(HttpSecurity httpSecurity) throws Exception {

httpSecurity.cors(); // 允许跨域访问

httpSecurity.csrf().disable(); // CSRF 禁用,因为不使用 session

httpSecurity.formLogin()

.loginProcessingUrl("/login")

// 登录成功处理

.successHandler(authenticationSuccessHandler)

// 登录失败处理

.failureHandler(authenticationFailureHandler)

.usernameParameter("username")

.passwordParameter("password")

.permitAll();

// 授予任何请求允许无条件访问

// httpSecurity.authorizeRequests().anyRequest().permitAll();

// 部分允许无条件访问

// httpSecurity.authorizeRequests().antMatchers("/system/login", "/captcha/get", "/captcha/check").permitAll();

// 其他需要鉴权认证

// httpSecurity.authorizeRequests().anyRequest().authenticated();

// 需要鉴权认证

httpSecurity

.authorizeRequests()

.anyRequest()

.authenticated()

.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {

@Override

public <O extends FilterSecurityInterceptor> O postProcess(O object) {

object.setSecurityMetadataSource(filterInvocationSecurityMetadataSourceImpl);

object.setAccessDecisionManager(accessDecisionManagerImpl);

return object;

}

});

// 没有认证

httpSecurity.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);

// 没有权限处理

httpSecurity.exceptionHandling().accessDeniedHandler(accessDeniedHandler);

// 过滤器

httpSecurity.addFilterBefore(codeAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);

httpSecurity.addFilter(jwtAuthenticationFilter());

}

@Override

protected void configure(AuthenticationManagerBuilder builder) throws Exception {

builder.userDetailsService(userDetailsServiceImpl).passwordEncoder(bCryptPasswordEncoder());

}

@Bean

BCryptPasswordEncoder bCryptPasswordEncoder() {

return new BCryptPasswordEncoder();

}

@Bean

public AuthenticationManager authenticationManagerBean() throws Exception {

return super.authenticationManagerBean();

}

}

*/

相关推荐
小乌龟不会飞3 分钟前
Ubuntu 安装 etcd 与 etcd-cpp-apiv3
数据库·etcd
YuTaoShao1 小时前
【LeetCode 热题 100】56. 合并区间——排序+遍历
java·算法·leetcode·职场和发展
程序员张31 小时前
SpringBoot计时一次请求耗时
java·spring boot·后端
llwszx4 小时前
深入理解Java锁原理(一):偏向锁的设计原理与性能优化
java·spring··偏向锁
云泽野5 小时前
【Java|集合类】list遍历的6种方式
java·python·list
二进制person5 小时前
Java SE--方法的使用
java·开发语言·算法
小阳拱白菜6 小时前
java异常学习
java
FrankYoou7 小时前
Jenkins 与 GitLab CI/CD 的核心对比
java·docker
计算机毕设定制辅导-无忧学长8 小时前
西门子 PLC 与 Modbus 集成:S7-1500 RTU/TCP 配置指南(一)
服务器·数据库·tcp/ip
麦兜*8 小时前
Spring Boot启动优化7板斧(延迟初始化、组件扫描精准打击、JVM参数调优):砍掉70%启动时间的魔鬼实践
java·jvm·spring boot·后端·spring·spring cloud·系统架构