白名单路径

69fd755e · xignzi006 · 7ed25b85 · 69fd755e
--- a/ibzdict-provider/ibzdict-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
+++ b/ibzdict-provider/ibzdict-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
@@ -3,6 +3,7 @@ package cn.ibizlab.api.config;
 import cn.ibizlab.util.security.AuthenticationEntryPoint;
 import cn.ibizlab.util.security.AuthorizationTokenFilter;
 import cn.ibizlab.util.service.AuthenticationUserService;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
@@ -55,6 +56,9 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
    @Value("${ibiz.file.previewpath:ibizutil/preview}")
    private String previewpath;

+    @Value("${ibiz.auth.excludesPattern:}")
+    private String excludesPattern;
+
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
@@ -119,9 +123,16 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
                .antMatchers("/"+downloadpath+"/**").permitAll()
                .antMatchers("/"+uploadpath).permitAll()
                .antMatchers("/"+previewpath+"/**").permitAll()
-               .antMatchers("/dictionarys/**").permitAll()
-                // 所有请求都需要认证
-                .anyRequest().authenticated()
+               .antMatchers("/dictionarys/**").permitAll();
+
+        if (StringUtils.isNotBlank(excludesPattern)) {
+            for (String excludePattern : excludesPattern.split("\\s*,\\s*")) {
+                authenticationTokenFilter.addExcludePattern(excludePattern);
+                httpSecurity.authorizeRequests().antMatchers(excludePattern).permitAll();
+            }
+        }
+
+        httpSecurity.authorizeRequests().anyRequest().authenticated()
                // 防止iframe 造成跨域
                .and().headers().frameOptions().disable();