com.soento.security.config.SecurityConfig Maven / Gradle / Ivy
The newest version!
package com.soento.security.config;
import com.soento.spring.properties.AuthProperties;
import com.soento.spring.support.MessageSourceAccessor;
import com.soento.security.service.DefaultPasswordService;
import com.soento.security.support.OauthEntryPoint;
import com.soento.security.support.PermissionSecurityFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import javax.annotation.Resource;
/**
* spring security配置
*
* @author soento
*/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private MessageSourceAccessor msa;
@Resource
private AuthProperties authProperties;
@Resource
private UserDetailsService userDetailsService;
@Resource
private DefaultPasswordService passwordEncoder;
@Resource
private PermissionSecurityFilter permissionSecurityFilter;
/**
* 全局用户信息
* 方法上的注解@Autowired的意思是,方法的参数的值是从spring容器中获取的
* 即参数AuthenticationManagerBuilder是spring中的一个Bean
*
* @param auth 认证管理
* @throws Exception 用户认证异常信息
*/
@Autowired
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
}
/**
* 认证管理
*
* @return 认证管理对象
* @throws Exception 认证异常信息
*/
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
/**
* http安全配置
*
* @param http http安全对象
* @throws Exception http安全异常信息
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().exceptionHandling()
.authenticationEntryPoint(new OauthEntryPoint(msa))
.and().authorizeRequests()
// 放开权限的url
.antMatchers(authProperties.permit()).permitAll()
.anyRequest().authenticated().and()
.httpBasic().and().csrf().disable();
http.addFilterBefore(permissionSecurityFilter, FilterSecurityInterceptor.class);
}
}