| | |
|---|
| | | import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * spring security配置 |
|---|
| | | * admin 监控 安全配置 |
|---|
| | | * |
|---|
| | | * @author ruoyi |
|---|
| | | * @author Lion Li |
|---|
| | | */ |
|---|
| | | @Configuration |
|---|
| | | @EnableWebSecurity |
|---|
| | |
|---|
| | | SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); |
|---|
| | | successHandler.setTargetUrlParameter("redirectTo"); |
|---|
| | | successHandler.setDefaultTargetUrl(adminContextPath + "/"); |
|---|
| | | |
|---|
| | | // admin监控 用户鉴权 |
|---|
| | | httpSecurity.authorizeRequests() |
|---|
| | | //授予对所有静态资产和登录页面的公共访问权限。 |
|---|
| | | .antMatchers(adminContextPath + "/assets/**").permitAll() |
|---|
| | | .antMatchers(adminContextPath + "/login").permitAll() |
|---|
| | | .antMatchers("/actuator").anonymous() |
|---|
| | | .antMatchers("/actuator/**").anonymous() |
|---|
| | | //必须对每个其他请求进行身份验证 |
|---|
| | | .anyRequest().authenticated().and() |
|---|
| | | //配置登录和注销 |
|---|
