security配置

import com.yineng.corpsysland.security.*;

import com.yineng.corpsysland.web.filter.AuthorizationActiveFilter;

import com.yineng.corpsysland.web.filter.AuthorizationExpiredFilter;

import com.yineng.corpsysland.web.filter.CsrfCookieGeneratorFilter;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.core.env.Environment;

import org.springframework.security.authentication.AuthenticationProvider;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.builders.WebSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;

import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import org.springframework.security.web.authentication.RememberMeServices;

import org.springframework.security.web.csrf.CsrfFilter;

import javax.inject.Inject;

import javax.servlet.Filter;

@Configuration

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Inject

    private Environment env;

    @Inject

    private AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler;

    @Inject

    private AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;

    @Inject

    private AuthenticationProvider authenticationProvider;

    @Inject

    private RememberMeServices rememberMeServices;

    @Bean

    public PasswordEncoder passwordEncoder() {

        return new BCryptPasswordEncoder();

    }

    @Inject

    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

        auth.authenticationProvider(authenticationProvider);

    }

    @Override

    public void configure(WebSecurity web) throws Exception {

        web.ignoring()

            .antMatchers("/oauth/**");

    }

    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

            .csrf()

                .ignoringAntMatchers("/websocket/**")

                .ignoringAntMatchers("/api/authentication/**")

                .ignoringAntMatchers("/api/logout/**")

                .and()

            .addFilterAfter(new CsrfCookieGeneratorFilter(), CsrfFilter.class)

            .addFilterBefore(authorizationActiveFilter(), AuthenticationFilter.class)

            .addFilterAfter(authorizationExpiredFilter(), AuthenticationFilter.class)

            .rememberMe()

                .rememberMeServices(rememberMeServices)

                .rememberMeParameter("remember-me")

                .key(env.getProperty("jhipster.security.rememberme.key"))

                .and()

                .formLogin().loginPage("/login.html")

                .loginProcessingUrl("/api/authentication")

                .successHandler(ajaxAuthenticationSuccessHandler)

                .failureHandler(authenticationFailureHandler())

                .usernameParameter("j_username")

                .passwordParameter("j_password")

                .permitAll()

        .and()

            .logout()

            .logoutUrl("/api/logout")

            .logoutSuccessHandler(ajaxLogoutSuccessHandler)

            .deleteCookies("JSESSIONID")

            .permitAll()

        .and()

            .headers()

            .frameOptions()

            .disable()

        .and()

            .authorizeRequests().anyRequest().authenticated()

            .antMatchers("/activeSystem").permitAll()

            .antMatchers("/api/register").permitAll()

            .antMatchers("/api/activate").permitAll()

            .antMatchers("/api/authenticate").permitAll()

            .antMatchers("/api/account/reset_password/init").permitAll()

            .antMatchers("/api/account/reset_password/finish").permitAll()

            .antMatchers("/api/logs/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/api/**").authenticated()

            .antMatchers("/metrics/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/health/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/trace/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/dump/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/shutdown/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/beans/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/configprops/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/info/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/autoconfig/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/env/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/trace/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/api-docs/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/protected/**").authenticated();

    }

    @Bean

    public SecurityEvaluationContextExtension securityEvaluationContextExtension() {

        return new SecurityEvaluationContextExtension();

    }

    @Bean

    public AuthenticationFailureHandler authenticationFailureHandler() {

        return new AjaxAuthenticationFailureHandler("/activeSystem");

    }

    @Bean

    public Filter authorizationActiveFilter() {

        return new AuthorizationActiveFilter(authenticationFailureHandler());

    }

    @Bean

    public Filter authorizationExpiredFilter() {

        return new AuthorizationExpiredFilter(authenticationFailureHandler());

    }

}

配置拦截器

import com.yineng.corpsysland.config.locale.AngularCookieLocaleResolver;

import com.yineng.corpsysland.security.TokenAuthHandler;

import org.springframework.boot.bind.RelaxedPropertyResolver;

import org.springframework.context.EnvironmentAware;

import org.springframework.context.MessageSource;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.context.support.ReloadableResourceBundleMessageSource;

import org.springframework.core.env.Environment;

import org.springframework.web.servlet.LocaleResolver;

import org.springframework.web.servlet.config.annotation.InterceptorRegistry;

import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;

@Configuration

public class MyConfiguration extends WebMvcConfigurerAdapter{

    @Override

    public void addInterceptors(InterceptorRegistry registry) {

        registry.addInterceptor(new TokenAuthHandler()).addPathPatterns("/third/**");

    }

}
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

SpringBoot使用的心得记录的更多相关文章

  1. SpringBoot使用logback日志记录

    在resources里的配置文件: logback-spring.xml <?xml version="1.0" encoding="UTF-8" ?&g ...

  2. Spring-Boot + MyBatis-Plus 踩坑记录

    这两天在学SpringBoot+MyBatis的开发,配置开发环境和DEMO的过程中踩了很多坑,在这里记录一下. 我的开发环境是idea + JDK 1.8.0.211. 首先展示一下demo的项目整 ...

  3. SpringBoot学习(学习过程记录)

    关于微服务和SOA 这,仅是我学习过程中记录的笔记.确定了一个待研究的主题,对这个主题进行全方面的剖析.笔记是用来方便我回顾与学习的,欢迎大家与我进行交流沟通,共同成长.不止是技术. 官网教程学习ht ...

  4. 会议管理心得记录(非markdown版)

    前提 本文说的会议特指有开发团队成员参与的会议, 包括但不限于开发.设计.测试.运维.管理岗位的成员. 因为不同工种和行业都有其特殊性,我是一名程序员,并不太了解其他工种和行业的具体情况,不敢妄言. ...

  5. ANE接入平台心得记录(安卓)

    开发环境:FlashBuilder4.7 AIR13.0 Eclipse 由于我懒得陪安卓的开发环境所以我下载了包含安卓SDK Manager的Eclipse,其实直接用FlashBuilder开发A ...

  6. iOS关于TableViewController和CollectionViewController中self.view心得记录

    之前写代码,不喜欢记录,导致很多做过的功能,时间久了都遗忘了. 以后要勤记录~~~ 一丶首先说一下TableViewController 大家都知道,如果直接创建一个继承于TableViewContr ...

  7. pymysql使用心得记录

    -----------更新日志 16.7.29------------- (该记录对应文章<豆瓣电影Top250基本信息抓取  >) 折腾了将近两天才把mysql数据库功能给实现了. 经过 ...

  8. springboot添加fluent日志记录

    istio默认会进行日志的记录,但是仅仅记录到服务.以及服务之间调用的信息,不记录业务日志. 如: 所以需要添加业务日志记录. 1.引入依赖 <dependency>     <gr ...

  9. springBoot的搭建使用记录

    一: 首次搭建:https://blog.csdn.net/u013187139/article/details/68944972 整合mybatis: https://www.jianshu.com ...

随机推荐

  1. DNS(企业级)

    构建DNS(企业级) 1.硬件选型 CPU:12C以上配置 内存:16G 网络:千兆 2.初始化系统配置 关闭 iptables service iptables stop chkconfig ipt ...

  2. html img src base64

    网页上有些图片的src或css背景图片的url后面跟了一大串字符,比如:data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAAEAAAAkCAYAAABId ...

  3. CentOS 6.3下部署LVS(NAT)+keepalived实现高性能高可用负载均衡

    一.简介 VS/NAT原理图: 二.系统环境 实验拓扑: 系统平台:CentOS 6.3 Kernel:2.6.32-279.el6.i686 LVS版本:ipvsadm-1.26 keepalive ...

  4. e_msg_c_as_register_req-注册存储过程

    TOP:BEGIN #Routine body goes here... IF EXISTS ( SELECT * FROM `global_account` WHERE `plantform_id` ...

  5. String类中的一些函数使用方法

    最常用的就是Length()函数了,求字符串的长度 String s="";int i=s.length();i结果为0. 如果是String s=null;int i=s.len ...

  6. Java数据结构——容器总结

    4大容器——List.Set.Queue.Map List 1.ArrayList 优点:随机访问元素 缺点:插入和移除元素时较慢 2.LinkedList 优点:插入和删除元素 缺点:随机访问方面相 ...

  7. iOS / Android 移动设备中的 Touch Icons

    上次转载了一篇<将你的网站打造成一个iOS Web App>,但偶然发现这篇文章的内容有些是错误的——准确来说也不是错误,只是不适合自半年前来的情况了(也可以说是iOS7 之后的时间)—— ...

  8. C#----Graphics中部分方法的使用和理解

    1.DrawArc(Pen, Rectangle, Single, Single) 说明:绘制一段弧线,弧线是椭圆的一部分,椭圆是矩形Rectangle的内切椭圆. 参数:Pen是画弧线使用的画笔:R ...

  9. haproxy安装

    最近一直在整理之前用过的东西,现在到haproxy了,安装如下: tar xf haproxy-1.4.27.tar.gz cd haproxy-1.4.27 make TARGET=linux26 ...

  10. CSS样式优先级

    关于CSS样式优先级 一般情况下: [1位重要标志位] > [4位特殊性标志] > 声明先后顺序 !important > [ id > class > tag ] 使用 ...