/*
package cab.bear.config.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import cab.bear.config.security.filter.CodeAuthenticationFilter;
import cab.bear.config.security.filter.JwtAuthenticationFilter;
// 基于spring-boot 2.6.15,SpringSecurity配置类
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class WebSecurityConfigurerAdapterExte extends WebSecurityConfigurerAdapter {
// 用于鉴定用户是否可以访问被保护的资源
@Autowired
AccessDecisionManagerImpl accessDecisionManagerImpl;
// 用于设置受保护的资源信息数据源
@Autowired
FilterInvocationSecurityMetadataSourceImpl filterInvocationSecurityMetadataSourceImpl;
@Autowired
UserDetailsServiceImpl userDetailsServiceImpl;
@Autowired
AuthenticationFailureHandler authenticationFailureHandler;
@Autowired
AuthenticationSuccessHandler authenticationSuccessHandler;
@Autowired
AccessDeniedHandler accessDeniedHandler;
@Autowired
AuthenticationEntryPoint authenticationEntryPoint;
@Bean
JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception {
JwtAuthenticationFilter jwtAuthenticationFilter = new JwtAuthenticationFilter(authenticationManager());
return jwtAuthenticationFilter;
}
@Bean
CodeAuthenticationFilter codeAuthenticationFilter() throws Exception {
return new CodeAuthenticationFilter();
}
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.cors(); // 允许跨域访问
httpSecurity.csrf().disable(); // CSRF 禁用,因为不使用 session
httpSecurity.formLogin()
.loginProcessingUrl("/login")
// 登录成功处理
.successHandler(authenticationSuccessHandler)
// 登录失败处理
.failureHandler(authenticationFailureHandler)
.usernameParameter("username")
.passwordParameter("password")
.permitAll();
// 授予任何请求允许无条件访问
// httpSecurity.authorizeRequests().anyRequest().permitAll();
// 部分允许无条件访问
// httpSecurity.authorizeRequests().antMatchers("/system/login", "/captcha/get", "/captcha/check").permitAll();
// 其他需要鉴权认证
// httpSecurity.authorizeRequests().anyRequest().authenticated();
// 需要鉴权认证
httpSecurity
.authorizeRequests()
.anyRequest()
.authenticated()
.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
@Override
public <O extends FilterSecurityInterceptor> O postProcess(O object) {
object.setSecurityMetadataSource(filterInvocationSecurityMetadataSourceImpl);
object.setAccessDecisionManager(accessDecisionManagerImpl);
return object;
}
});
// 没有认证
httpSecurity.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
// 没有权限处理
httpSecurity.exceptionHandling().accessDeniedHandler(accessDeniedHandler);
// 过滤器
httpSecurity.addFilterBefore(codeAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
httpSecurity.addFilter(jwtAuthenticationFilter());
}
@Override
protected void configure(AuthenticationManagerBuilder builder) throws Exception {
builder.userDetailsService(userDetailsServiceImpl).passwordEncoder(bCryptPasswordEncoder());
}
@Bean
BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
*/