SpringBoot2.6.15 SpringSecurity配置

phone131448303392023-09-17 22:06

/*

package cab.bear.config.security;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.context.annotation.Bean;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.config.annotation.ObjectPostProcessor;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.web.AuthenticationEntryPoint;

import org.springframework.security.web.access.AccessDeniedHandler;

import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import cab.bear.config.security.filter.CodeAuthenticationFilter;

import cab.bear.config.security.filter.JwtAuthenticationFilter;

// 基于spring-boot 2.6.15,SpringSecurity配置类

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

public class WebSecurityConfigurerAdapterExte extends WebSecurityConfigurerAdapter {

// 用于鉴定用户是否可以访问被保护的资源

@Autowired

AccessDecisionManagerImpl accessDecisionManagerImpl;

// 用于设置受保护的资源信息数据源

@Autowired

FilterInvocationSecurityMetadataSourceImpl filterInvocationSecurityMetadataSourceImpl;

@Autowired

UserDetailsServiceImpl userDetailsServiceImpl;

@Autowired

AuthenticationFailureHandler authenticationFailureHandler;

@Autowired

AuthenticationSuccessHandler authenticationSuccessHandler;

@Autowired

AccessDeniedHandler accessDeniedHandler;

@Autowired

AuthenticationEntryPoint authenticationEntryPoint;

@Bean

JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception {

JwtAuthenticationFilter jwtAuthenticationFilter = new JwtAuthenticationFilter(authenticationManager());

return jwtAuthenticationFilter;

}

@Bean

CodeAuthenticationFilter codeAuthenticationFilter() throws Exception {

return new CodeAuthenticationFilter();

}

@Override

protected void configure(HttpSecurity httpSecurity) throws Exception {

httpSecurity.cors(); // 允许跨域访问

httpSecurity.csrf().disable(); // CSRF 禁用,因为不使用 session

httpSecurity.formLogin()

.loginProcessingUrl("/login")

// 登录成功处理

.successHandler(authenticationSuccessHandler)

// 登录失败处理

.failureHandler(authenticationFailureHandler)

.usernameParameter("username")

.passwordParameter("password")

.permitAll();

// 授予任何请求允许无条件访问

// httpSecurity.authorizeRequests().anyRequest().permitAll();

// 部分允许无条件访问

// httpSecurity.authorizeRequests().antMatchers("/system/login", "/captcha/get", "/captcha/check").permitAll();

// 其他需要鉴权认证

// httpSecurity.authorizeRequests().anyRequest().authenticated();

// 需要鉴权认证

httpSecurity

.authorizeRequests()

.anyRequest()

.authenticated()

.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {

@Override

public <O extends FilterSecurityInterceptor> O postProcess(O object) {

object.setSecurityMetadataSource(filterInvocationSecurityMetadataSourceImpl);

object.setAccessDecisionManager(accessDecisionManagerImpl);

return object;

}

});

// 没有认证

httpSecurity.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);

// 没有权限处理

httpSecurity.exceptionHandling().accessDeniedHandler(accessDeniedHandler);

// 过滤器

httpSecurity.addFilterBefore(codeAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);

httpSecurity.addFilter(jwtAuthenticationFilter());

}

@Override

protected void configure(AuthenticationManagerBuilder builder) throws Exception {

builder.userDetailsService(userDetailsServiceImpl).passwordEncoder(bCryptPasswordEncoder());

}

@Bean

BCryptPasswordEncoder bCryptPasswordEncoder() {

return new BCryptPasswordEncoder();

}

@Bean

public AuthenticationManager authenticationManagerBean() throws Exception {

return super.authenticationManagerBean();

}

}

*/

相关推荐
.豆鲨包16 分钟前
【Android】Viewpager2实现无限轮播图
android·java
BXCQ_xuan18 分钟前
软件工程实践二:Spring Boot 知识回顾
java·spring boot·后端
老赵的博客20 分钟前
c++ unqiue指针
java·jvm·c++
wuxuanok1 小时前
SpringBoot -原理篇
java·spring boot·spring
柿蒂1 小时前
从if-else和switch,聊聊“八股“的作用
android·java·kotlin
云动雨颤1 小时前
Spring Boot配置优化:Tomcat+数据库+缓存+日志,全场景教程
数据库·spring boot·tomcat
二饭1 小时前
Spring Boot 项目启动报错:MongoSocketOpenException 连接被拒绝排查日记
java·spring boot·后端
RestCloud1 小时前
Kafka实时数据管道:ETL在流式处理中的应用
数据库·kafka·api
懒虫虫~1 小时前
通过内存去重替换SQL中distinct,优化SQL查询效率
java·sql·慢sql治理
热门推荐
01GitHub 镜像站点02A股预测还能更准?开源大模型Kronos带你跑通预测+回测全流程03UV 工具安装与国内镜像源配置指南04KGG转MP3工具|非KGM文件|解密音频05UV安装并设置国内源0646个Nano-banana 精选提示词,持续更新中07conda中设置镜像地址(附所有可换的地址)08突破百度网盘的下载限速,两种方法教会你【超详细】09Spec-Kit 使用指南10保姆级教程:手把手教你用Dify实现完美多轮对话(附Chatflow和提示词)