• SpringBoot2.6.15 SpringSecurity配置

    /*

    package cab.bear.config.security;

    import org.springframework.beans.factory.annotation.Autowired;

    import org.springframework.context.annotation.Bean;

    import org.springframework.security.authentication.AuthenticationManager;

    import org.springframework.security.config.annotation.ObjectPostProcessor;

    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

    import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

    import org.springframework.security.config.annotation.web.builders.HttpSecurity;

    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

    import org.springframework.security.web.AuthenticationEntryPoint;

    import org.springframework.security.web.access.AccessDeniedHandler;

    import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

    import org.springframework.security.web.authentication.AuthenticationFailureHandler;

    import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

    import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

    import cab.bear.config.security.filter.CodeAuthenticationFilter;

    import cab.bear.config.security.filter.JwtAuthenticationFilter;

    // 基于spring-boot 2.6.15,SpringSecurity配置类

    @EnableWebSecurity

    @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

    public class WebSecurityConfigurerAdapterExte extends WebSecurityConfigurerAdapter {

    // 用于鉴定用户是否可以访问被保护的资源

    @Autowired

    AccessDecisionManagerImpl accessDecisionManagerImpl;

    // 用于设置受保护的资源信息数据源

    @Autowired

    FilterInvocationSecurityMetadataSourceImpl filterInvocationSecurityMetadataSourceImpl;

    @Autowired

    UserDetailsServiceImpl userDetailsServiceImpl;

    @Autowired

    AuthenticationFailureHandler authenticationFailureHandler;

    @Autowired

    AuthenticationSuccessHandler authenticationSuccessHandler;

    @Autowired

    AccessDeniedHandler accessDeniedHandler;

    @Autowired

    AuthenticationEntryPoint authenticationEntryPoint;

    @Bean

    JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception {

    JwtAuthenticationFilter jwtAuthenticationFilter = new JwtAuthenticationFilter(authenticationManager());

    return jwtAuthenticationFilter;

    }

    @Bean

    CodeAuthenticationFilter codeAuthenticationFilter() throws Exception {

    return new CodeAuthenticationFilter();

    }

    @Override

    protected void configure(HttpSecurity httpSecurity) throws Exception {

    httpSecurity.cors(); // 允许跨域访问

    httpSecurity.csrf().disable(); // CSRF 禁用,因为不使用 session

    httpSecurity.formLogin()

    .loginProcessingUrl("/login")

    // 登录成功处理

    .successHandler(authenticationSuccessHandler)

    // 登录失败处理

    .failureHandler(authenticationFailureHandler)

    .usernameParameter("username")

    .passwordParameter("password")

    .permitAll();

    // 授予任何请求允许无条件访问

    // httpSecurity.authorizeRequests().anyRequest().permitAll();

    // 部分允许无条件访问

    // httpSecurity.authorizeRequests().antMatchers("/system/login", "/captcha/get", "/captcha/check").permitAll();

    // 其他需要鉴权认证

    // httpSecurity.authorizeRequests().anyRequest().authenticated();

    // 需要鉴权认证

    httpSecurity

    .authorizeRequests()

    .anyRequest()

    .authenticated()

    .withObjectPostProcessor(new ObjectPostProcessor() {

    @Override

    public O postProcess(O object) {

    object.setSecurityMetadataSource(filterInvocationSecurityMetadataSourceImpl);

    object.setAccessDecisionManager(accessDecisionManagerImpl);

    return object;

    }

    });

    // 没有认证

    httpSecurity.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);

    // 没有权限处理

    httpSecurity.exceptionHandling().accessDeniedHandler(accessDeniedHandler);

    // 过滤器

    httpSecurity.addFilterBefore(codeAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);

    httpSecurity.addFilter(jwtAuthenticationFilter());

    }

    @Override

    protected void configure(AuthenticationManagerBuilder builder) throws Exception {

    builder.userDetailsService(userDetailsServiceImpl).passwordEncoder(bCryptPasswordEncoder());

    }

    @Bean

    BCryptPasswordEncoder bCryptPasswordEncoder() {

    return new BCryptPasswordEncoder();

    }

    @Bean

    public AuthenticationManager authenticationManagerBean() throws Exception {

    return super.authenticationManagerBean();

    }

    }

    */

  • 相关阅读:
    从数学老师转行到银行做开发,我都经历了什么……
    外包干了2个月,技术退步明显了...
    Istio 探索:微服务的流量管理、安全性和策略加固
    Pytorch框架学习记录6——torch.nn.Module和torch.nn.functional.conv2d的使用
    [附源码]java毕业设计疫情状态下病房管理平台
    分类预测 | Matlab实现基于SDAE堆叠去噪自编码器的数据分类预测
    搜索技术领域的“奥林匹克”,飞桨支持“第二届百度搜索创新大赛”正式启动!...
    k8s笔记——kubernetes中的三种IP
    jQuery相关知识
    【Web前端入门】CSS知识详解——附源码
  • 原文地址:https://blog.csdn.net/phone13144830339/article/details/132812694