syy/SYYTe
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

适配springsecurity6.1

This commit is contained in:
阿沐 2023-06-16 13:26:05 +08:00
parent 138be7716a
commit 6b4cce5db2
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
maku-framework/src/main/java/net/maku/framework/security/config/SecurityConfig.java
View File

@ -18,6 +18,7 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
@ -81,17 +82,17 @@ public class SecurityConfig {
http http
.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class) .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.and().authorizeHttpRequests(auth -> auth .authorizeHttpRequests(auth -> auth
.requestMatchers(permits).permitAll() .requestMatchers(permits).permitAll()
.requestMatchers(HttpMethod.OPTIONS).permitAll() .requestMatchers(HttpMethod.OPTIONS).permitAll()
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.exceptionHandling().authenticationEntryPoint(new SecurityAuthenticationEntryPoint()) .exceptionHandling(exception -> exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint()))
.and().headers().frameOptions().disable() .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
.and().csrf(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable)
; ;
return http.build(); return http.build();
} }
} }