security配置

import com.yineng.corpsysland.security.*;

import com.yineng.corpsysland.web.filter.AuthorizationActiveFilter;

import com.yineng.corpsysland.web.filter.AuthorizationExpiredFilter;

import com.yineng.corpsysland.web.filter.CsrfCookieGeneratorFilter;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.core.env.Environment;

import org.springframework.security.authentication.AuthenticationProvider;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.builders.WebSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;

import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import org.springframework.security.web.authentication.RememberMeServices;

import org.springframework.security.web.csrf.CsrfFilter;

import javax.inject.Inject;

import javax.servlet.Filter;

@Configuration

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Inject

    private Environment env;

    @Inject

    private AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler;

    @Inject

    private AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;

    @Inject

    private AuthenticationProvider authenticationProvider;

    @Inject

    private RememberMeServices rememberMeServices;

    @Bean

    public PasswordEncoder passwordEncoder() {

        return new BCryptPasswordEncoder();

    }

    @Inject

    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

        auth.authenticationProvider(authenticationProvider);

    }

    @Override

    public void configure(WebSecurity web) throws Exception {

        web.ignoring()

            .antMatchers("/oauth/**");

    }

    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

            .csrf()

                .ignoringAntMatchers("/websocket/**")

                .ignoringAntMatchers("/api/authentication/**")

                .ignoringAntMatchers("/api/logout/**")

                .and()

            .addFilterAfter(new CsrfCookieGeneratorFilter(), CsrfFilter.class)

            .addFilterBefore(authorizationActiveFilter(), AuthenticationFilter.class)

            .addFilterAfter(authorizationExpiredFilter(), AuthenticationFilter.class)

            .rememberMe()

                .rememberMeServices(rememberMeServices)

                .rememberMeParameter("remember-me")

                .key(env.getProperty("jhipster.security.rememberme.key"))

                .and()

                .formLogin().loginPage("/login.html")

                .loginProcessingUrl("/api/authentication")

                .successHandler(ajaxAuthenticationSuccessHandler)

                .failureHandler(authenticationFailureHandler())

                .usernameParameter("j_username")

                .passwordParameter("j_password")

                .permitAll()

        .and()

            .logout()

            .logoutUrl("/api/logout")

            .logoutSuccessHandler(ajaxLogoutSuccessHandler)

            .deleteCookies("JSESSIONID")

            .permitAll()

        .and()

            .headers()

            .frameOptions()

            .disable()

        .and()

            .authorizeRequests().anyRequest().authenticated()

            .antMatchers("/activeSystem").permitAll()

            .antMatchers("/api/register").permitAll()

            .antMatchers("/api/activate").permitAll()

            .antMatchers("/api/authenticate").permitAll()

            .antMatchers("/api/account/reset_password/init").permitAll()

            .antMatchers("/api/account/reset_password/finish").permitAll()

            .antMatchers("/api/logs/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/api/**").authenticated()

            .antMatchers("/metrics/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/health/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/trace/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/dump/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/shutdown/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/beans/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/configprops/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/info/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/autoconfig/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/env/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/trace/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/api-docs/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/protected/**").authenticated();

    }

    @Bean

    public SecurityEvaluationContextExtension securityEvaluationContextExtension() {

        return new SecurityEvaluationContextExtension();

    }

    @Bean

    public AuthenticationFailureHandler authenticationFailureHandler() {

        return new AjaxAuthenticationFailureHandler("/activeSystem");

    }

    @Bean

    public Filter authorizationActiveFilter() {

        return new AuthorizationActiveFilter(authenticationFailureHandler());

    }

    @Bean

    public Filter authorizationExpiredFilter() {

        return new AuthorizationExpiredFilter(authenticationFailureHandler());

    }

}

配置拦截器

import com.yineng.corpsysland.config.locale.AngularCookieLocaleResolver;

import com.yineng.corpsysland.security.TokenAuthHandler;

import org.springframework.boot.bind.RelaxedPropertyResolver;

import org.springframework.context.EnvironmentAware;

import org.springframework.context.MessageSource;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.context.support.ReloadableResourceBundleMessageSource;

import org.springframework.core.env.Environment;

import org.springframework.web.servlet.LocaleResolver;

import org.springframework.web.servlet.config.annotation.InterceptorRegistry;

import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;

@Configuration

public class MyConfiguration extends WebMvcConfigurerAdapter{

    @Override

    public void addInterceptors(InterceptorRegistry registry) {

        registry.addInterceptor(new TokenAuthHandler()).addPathPatterns("/third/**");

    }

}
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

SpringBoot使用的心得记录的更多相关文章

  1. SpringBoot使用logback日志记录

    在resources里的配置文件: logback-spring.xml <?xml version="1.0" encoding="UTF-8" ?&g ...

  2. Spring-Boot + MyBatis-Plus 踩坑记录

    这两天在学SpringBoot+MyBatis的开发,配置开发环境和DEMO的过程中踩了很多坑,在这里记录一下. 我的开发环境是idea + JDK 1.8.0.211. 首先展示一下demo的项目整 ...

  3. SpringBoot学习(学习过程记录)

    关于微服务和SOA 这,仅是我学习过程中记录的笔记.确定了一个待研究的主题,对这个主题进行全方面的剖析.笔记是用来方便我回顾与学习的,欢迎大家与我进行交流沟通,共同成长.不止是技术. 官网教程学习ht ...

  4. 会议管理心得记录(非markdown版)

    前提 本文说的会议特指有开发团队成员参与的会议, 包括但不限于开发.设计.测试.运维.管理岗位的成员. 因为不同工种和行业都有其特殊性,我是一名程序员,并不太了解其他工种和行业的具体情况,不敢妄言. ...

  5. ANE接入平台心得记录(安卓)

    开发环境:FlashBuilder4.7 AIR13.0 Eclipse 由于我懒得陪安卓的开发环境所以我下载了包含安卓SDK Manager的Eclipse,其实直接用FlashBuilder开发A ...

  6. iOS关于TableViewController和CollectionViewController中self.view心得记录

    之前写代码,不喜欢记录,导致很多做过的功能,时间久了都遗忘了. 以后要勤记录~~~ 一丶首先说一下TableViewController 大家都知道,如果直接创建一个继承于TableViewContr ...

  7. pymysql使用心得记录

    -----------更新日志 16.7.29------------- (该记录对应文章<豆瓣电影Top250基本信息抓取  >) 折腾了将近两天才把mysql数据库功能给实现了. 经过 ...

  8. springboot添加fluent日志记录

    istio默认会进行日志的记录,但是仅仅记录到服务.以及服务之间调用的信息,不记录业务日志. 如: 所以需要添加业务日志记录. 1.引入依赖 <dependency>     <gr ...

  9. springBoot的搭建使用记录

    一: 首次搭建:https://blog.csdn.net/u013187139/article/details/68944972 整合mybatis: https://www.jianshu.com ...

随机推荐

  1. 网站缓存数据到tomcat服务器

    通过缓存使相同的数据不用重复加载,降低数据库的访问 public class CacheFilter implements Filter { //实例变量[每线程共享] private Map< ...

  2. BZOJ树链剖分题目汇总

    1036,2157,2243,4034,4196;2325,2908,3083,3159,3531,3626,3999;可以不树剖:1146;2819,2843,4448,4530.

  3. easyUI validate函数【总结篇-部分转】

    以下是自己总结和修改别人的帖子和资源整理出来的一些常用验证函数,备用,交流. <body>邮箱验证:<input type="text" validtype=&q ...

  4. Python学习笔记——基本语法

    1.程序输出——print语句 >>> myString = 'Hello World!' >>> print myString Hello World! > ...

  5. JavaWeb学习笔记——Tomcat数据源

    server.xml配置数据帐号和密码等

  6. FBX Software Development Kit

    FBX Software Development Kit The FBX Software Development Kit (FBX SDK) allows software developers t ...

  7. CodeLite的姿势

    在Mac上安装cscope 1.下载cscope的Zip压缩包 2.解压 3.打开终端,进入解压目录,运行 ./configure make make install 4.在CodeLite中,在Pl ...

  8. 正则表达式分组()、不捕获(?:)和断言(?<=)详解

    分组 分组在正则中用()表示,根据小菜理解,分组的作用有两个: 1.将某些规律看成是一组,然后进行组级别的重复,可以得到意想不到的效果. 2.分组之后,可以通过后向引用简化表达式(\1 或者$1). ...

  9. JavaScript 函数参数传递到底是值传递还是引用传递

    tips:这篇文章是听了四脚猫的js课程后查的,深入的理解可以参看两篇博客: JavaScript数据类型--值类型和引用类型 JavaScript数据操作--原始值和引用值的操作本质 在传统的观念里 ...

  10. EF DbModelBuilder

    protected override void OnModelCreating(DbModelBuilder modelBuilder) { var model = modelBuilder.Buil ...