|
|
|
|
@ -1,6 +1,5 @@ |
|
|
|
|
package edu.ncst.award.config; |
|
|
|
|
|
|
|
|
|
import org.springframework.security.web.access.ExceptionTranslationFilter; |
|
|
|
|
import com.fasterxml.jackson.databind.ObjectMapper; |
|
|
|
|
import edu.ncst.award.config.security.DataBaseUrlVoter; |
|
|
|
|
import edu.ncst.award.config.security.filter.AuthCheckFilter; |
|
|
|
|
@ -13,13 +12,13 @@ import org.springframework.beans.factory.annotation.Autowired; |
|
|
|
|
import org.springframework.context.annotation.Bean; |
|
|
|
|
import org.springframework.context.annotation.Configuration; |
|
|
|
|
import org.springframework.data.redis.core.RedisTemplate; |
|
|
|
|
import org.springframework.http.HttpMethod; |
|
|
|
|
import org.springframework.security.access.AccessDecisionManager; |
|
|
|
|
import org.springframework.security.access.AccessDecisionVoter; |
|
|
|
|
import org.springframework.security.access.vote.AuthenticatedVoter; |
|
|
|
|
import org.springframework.security.access.vote.RoleVoter; |
|
|
|
|
import org.springframework.security.access.vote.UnanimousBased; |
|
|
|
|
import org.springframework.security.authentication.AuthenticationManager; |
|
|
|
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider; |
|
|
|
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
|
|
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; |
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
|
|
|
|
@ -95,13 +94,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|
|
|
|
"/error*" |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* 密码加密器 |
|
|
|
|
*/ |
|
|
|
|
@Bean |
|
|
|
|
public PasswordEncoder passwordEncoderBean() { |
|
|
|
|
return new BCryptPasswordEncoder(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* 权限投票访问决策管理器 |
|
|
|
|
@ -119,7 +113,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|
|
|
|
|
|
|
|
|
@Override |
|
|
|
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception { |
|
|
|
|
auth.userDetailsService(userService); |
|
|
|
|
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); |
|
|
|
|
daoAuthenticationProvider.setHideUserNotFoundExceptions(false); |
|
|
|
|
daoAuthenticationProvider.setUserDetailsService(userService); |
|
|
|
|
daoAuthenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder()); |
|
|
|
|
auth.authenticationProvider(daoAuthenticationProvider); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
|