org.onetwo.boot.module.security.url.BootUrlBasedSecurityConfig Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of onetwo-boot Show documentation

onetwo-boot

There is a newer version: 5.2.7

package org.onetwo.boot.module.security.url;

import org.onetwo.boot.module.security.config.BootSecurityCommonContextConfig;
import org.onetwo.ext.security.method.DefaultMethodSecurityConfigurer;
import org.onetwo.ext.security.method.JFishMethodSecurityMetadataSource;
import org.onetwo.ext.security.url.SecurityBeanPostProcessor;
import org.onetwo.ext.security.url.UrlBasedSecurityConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.core.annotation.Order;
import org.springframework.security.access.AccessDecisionManager;

@Configuration
@Import(BootSecurityCommonContextConfig.class)
public class BootUrlBasedSecurityConfig extends UrlBasedSecurityConfig {
	
	/*** 
	 * 如果不是基于方法拦截（即url匹配），需要用后处理器重新配置SecurityMetadataSource
	 * @return
	 */
	@Bean
	@ConditionalOnMissingBean(JFishMethodSecurityMetadataSource.class)
	public SecurityBeanPostProcessor securityBeanPostProcessor(){
		return super.securityBeanPostProcessor();
	}

	@Bean
	@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
	@ConditionalOnMissingBean(DefaultMethodSecurityConfigurer.class)
	@Autowired
	public DefaultMethodSecurityConfigurer defaultSecurityConfigurer(AccessDecisionManager accessDecisionManager){
		return super.defaultSecurityConfigurer(accessDecisionManager);
	}
}