更新 %APP%SecurityConfig.java.ftl

7d0e004a · xignzi006 · 61c511f2 · 7d0e004a
--- a/SLN/%PUBPRJ%-app/%PUBPRJ%-app-%APP_PKGPATH%/src/main/java/%SYS_PKGPATH%/%APP_PKGPATH%/config/%APP%SecurityConfig.java.ftl
+++ b/SLN/%PUBPRJ%-app/%PUBPRJ%-app-%APP_PKGPATH%/src/main/java/%SYS_PKGPATH%/%APP_PKGPATH%/config/%APP%SecurityConfig.java.ftl
@@ -56,6 +56,9 @@ public class ${app.getPKGCodeName()}SecurityConfig extends WebSecurityConfigurer

    @Value("${r'${ibiz.file.previewpath:ibizutil/preview}"'})
    private String previewpath;
+    
+    @Value("${r'${ibiz.auth.excludesPattern:}"'})
+    private String[] excludesPattern;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
@@ -119,9 +122,15 @@ public class ${app.getPKGCodeName()}SecurityConfig extends WebSecurityConfigurer
                // 文件操作
                .antMatchers("/"+downloadpath+"/**").permitAll()
                .antMatchers("/"+uploadpath).permitAll()
-                .antMatchers("/"+previewpath+"/**").permitAll()
-                // 所有请求都需要认证
-                .anyRequest().authenticated()
+                .antMatchers("/"+previewpath+"/**");
+
+        for (String excludePattern : excludesPattern) {
+            authenticationTokenFilter.addExcludePattern(excludePattern);
+            httpSecurity.authorizeRequests().antMatchers(excludePattern).permitAll();
+        }
+
+        // 所有请求都需要认证
+        httpSecurity.authorizeRequests().anyRequest().authenticated()
                // 防止iframe 造成跨域
                .and().headers().frameOptions().disable();