Home Explore Help
Register Sign In
geo-library
/
microarch_bg_aoid
Watch 3
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

upgraded security architecture

Lloyd 3 years ago
parent
89a942c266
commit
45ea98a985
3 changed files with 7 additions and 58 deletions
Split View Show Diff Stats
  1. 5 5
      pom.xml
  2. 2 0
      src/main/java/com/gct/aoid/ProductionCalApplication.java
  3. 0 53
      src/main/java/com/gct/aoid/config/WebSecurityConfig.java

+ 5 - 5
pom.xml
View File 

@@ -25,7 +25,7 @@
25 25 
         </dependency>
26 26 
         <!--common 安全包-->
27 27 
         <dependency>
28 
-            <groupId>com.gct.common.core</groupId>
28 
+            <groupId>com.gct.common.security</groupId>
29 29 
             <artifactId>common-security</artifactId>
30 30 
         </dependency>
31 31 
         <dependency>
 
@@ -165,7 +165,7 @@
165 165 
                 <version>${com-gct-common-core.version}</version>
166 166 
             </dependency>
167 167 
             <dependency>
168 
-                <groupId>com.gct.common.core</groupId>
168 
+                <groupId>com.gct.common.security</groupId>
169 169 
                 <artifactId>common-security</artifactId>
170 170 
                 <version>${com-gct-common-security.version}</version>
171 171 
             </dependency>
 
@@ -198,9 +198,9 @@
198 198 
     <properties>
199 199 
         <java.version>1.8</java.version>
200 200 
         <jdk.version>8</jdk.version>
201 
-        <com-gct-common-core.version>1.0-SNAPSHOT</com-gct-common-core.version>
202 
-        <com-gct-common-security.version>1.0-SNAPSHOT</com-gct-common-security.version>
203 
-        <com-gct-common-util.version>1.0-SNAPSHOT</com-gct-common-util.version>
201 
+        <com-gct-common-core.version>2.0-SNAPSHOT</com-gct-common-core.version>
202 
+        <com-gct-common-security.version>2.0-SNAPSHOT</com-gct-common-security.version>
203 
+        <com-gct-common-util.version>2.0-SNAPSHOT</com-gct-common-util.version>
204 204 
         <commons-io.version>2.8.0</commons-io.version>
205 205 
         <org.apache.thrift.version>0.13.0</org.apache.thrift.version>
206 206 
         <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>

+ 2 - 0
src/main/java/com/gct/aoid/ProductionCalApplication.java
View File 

@@ -1,5 +1,6 @@
1 1 
 package com.gct.aoid;
2 2
3 
+import com.gct.common.security.annotation.EnableGCTServiceSecurity;
3 4 
 import com.spring4all.swagger.EnableSwagger2Doc;
4 5 
 import org.mybatis.spring.annotation.MapperScan;
5 6 
 import org.springframework.boot.SpringApplication;
 
@@ -20,6 +21,7 @@ import org.springframework.transaction.annotation.EnableTransactionManagement;
20 21 
 @EnableDiscoveryClient//开启服务注册
21 22 
 //@EnableScheduling//开启定时任务
22 23 
 @ImportAutoConfiguration({RibbonAutoConfiguration.class, FeignRibbonClientAutoConfiguration.class, FeignAutoConfiguration.class})
24 
+@EnableGCTServiceSecurity
23 25 
 @EnableTransactionManagement
24 26 
 public class ProductionCalApplication {
25 27

+ 0 - 53
src/main/java/com/gct/aoid/config/WebSecurityConfig.java
View File 

@@ -1,53 +0,0 @@
1 
-package com.gct.aoid.config;
2 
-
3 
-
4 
-import com.gct.common.security.core.CustomAccessDeniedHandler;
5 
-import com.gct.common.security.core.JwtAuthenticationFilter;
6 
-import org.springframework.context.annotation.Bean;
7 
-import org.springframework.context.annotation.Configuration;
8 
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
9 
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
10 
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
11 
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
12 
-import org.springframework.security.config.http.SessionCreationPolicy;
13 
-import org.springframework.security.web.access.AccessDeniedHandler;
14 
-import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
15 
-
16 
-/**
17 
- * Spring Security配置
18 
- * @author: NewMeanning
19 
- * @create: 2020-12-25 11:36
20 
- */
21 
-@Configuration
22 
-@EnableWebSecurity	// 开启Spring Security
23 
-@EnableGlobalMethodSecurity(prePostEnabled = true)	// 开启权限注解,如:@PreAuthorize注解
24 
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
25 
-
26 
-
27 
-    @Override
28 
-    protected void configure(HttpSecurity http) throws Exception {
29 
-        http
30 
-                .csrf().disable()
31 
-                .authorizeRequests()
32 
-                .antMatchers("/swagger-ui.html").permitAll()
33 
-                .antMatchers("/swagger-resources/**").permitAll()
34 
-                .antMatchers("/v2/api-docs").permitAll()
35 
-                // 服务监控
36 
-                .antMatchers("/actuator/**").permitAll()
37 
-                // 其他所有请求需要身份认证
38 
-                .anyRequest().authenticated()
39 
-                .and().exceptionHandling().accessDeniedHandler(accessDeniedHandler())
40 
-                .and()
41 
-                //禁用session
42 
-                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
43 
-                .and()
44 
-                //添加自定义过滤器
45 
-                .addFilterAt(new JwtAuthenticationFilter(super.authenticationManager()), BasicAuthenticationFilter.class);
46 
-    }
47 
-
48 
-    @Bean
49 
-    public AccessDeniedHandler accessDeniedHandler() {
50 
-        return new CustomAccessDeniedHandler();
51 
-    }
52 
-
53 
-}