提交 c3b2b962 编写于 作者: xignzi006's avatar xignzi006 🇨🇳

更新 DevBootSecurityConfig.java.ftl

上级 488260c7
...@@ -6,6 +6,7 @@ package ${pub.getPKGCodeName()}.config; ...@@ -6,6 +6,7 @@ package ${pub.getPKGCodeName()}.config;
import ${pub.getPKGCodeName()}.util.security.AuthenticationEntryPoint; import ${pub.getPKGCodeName()}.util.security.AuthenticationEntryPoint;
import ${pub.getPKGCodeName()}.util.security.AuthorizationTokenFilter; import ${pub.getPKGCodeName()}.util.security.AuthorizationTokenFilter;
import ${pub.getPKGCodeName()}.util.service.AuthenticationUserService; import ${pub.getPKGCodeName()}.util.service.AuthenticationUserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
...@@ -55,6 +56,9 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -55,6 +56,9 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${r'${ibiz.file.previewpath:ibizutil/preview}"'}) @Value("${r'${ibiz.file.previewpath:ibizutil/preview}"'})
private String previewpath; private String previewpath;
@Value("${r'${ibiz.auth.excludesPattern:}"'})
private String excludesPattern;
@Autowired @Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
...@@ -116,8 +120,16 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -116,8 +120,16 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
// 文件操作 // 文件操作
.antMatchers("/"+downloadpath+"/**").permitAll() .antMatchers("/"+downloadpath+"/**").permitAll()
.antMatchers("/"+uploadpath).permitAll() .antMatchers("/"+uploadpath).permitAll()
.antMatchers("/"+previewpath+"/**").permitAll() .antMatchers("/"+previewpath+"/**").permitAll();
.anyRequest().authenticated()
if (StringUtils.isNotBlank(excludesPattern)) {
for (String excludePattern : excludesPattern.split("\\s*,\\s*")) {
authenticationTokenFilter.addExcludePattern(excludePattern);
httpSecurity.authorizeRequests().antMatchers(excludePattern).permitAll();
}
}
httpSecurity.authorizeRequests().anyRequest().authenticated()
// 防止iframe 造成跨域 // 防止iframe 造成跨域
.and().headers().frameOptions().disable(); .and().headers().frameOptions().disable();
httpSecurity httpSecurity
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册