兰宝车间质量管理系统
上一版本: 84f00e7c | 补丁 | 提交 | 忽略空白
疯狂的狮子li
2022-07-06 48cb0a1bb1d3cb3f23a31adcf83173365c86f4f4 
update 更新过时配置 WebSecurityConfigurerAdapter 改为 bean 注入
已修改2个文件
48 ■■■■ 文件已修改
ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java 46 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
ruoyi-extend/ruoyi-monitor-admin/src/main/resources/application.yml 2 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java


@@ -1,10 +1,10 @@


package com.ruoyi.monitor.admin.config;




import de.codecentric.boot.admin.server.config.AdminServerProperties;


import org.springframework.context.annotation.Configuration;


import org.springframework.context.annotation.Bean;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;


import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;


import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


import org.springframework.security.web.SecurityFilterChain;


import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;




/**


@@ -12,9 +12,8 @@


 *


 * @author Lion Li


 */


@Configuration


@EnableWebSecurity


public class SecurityConfig extends WebSecurityConfigurerAdapter {


public class SecurityConfig {




    private final String adminContextPath;




@@ -22,27 +21,30 @@


        this.adminContextPath = adminServerProperties.getContextPath();


    }




    @Override


    protected void configure(HttpSecurity httpSecurity) throws Exception {


    @Bean


    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {


        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();


        successHandler.setTargetUrlParameter("redirectTo");


        successHandler.setDefaultTargetUrl(adminContextPath + "/");


        // admin监控 用户鉴权


        httpSecurity.authorizeRequests()


            //授予对所有静态资产和登录页面的公共访问权限。


            .antMatchers(adminContextPath + "/assets/**").permitAll()


            .antMatchers(adminContextPath + "/login").permitAll()


            .antMatchers("/actuator").permitAll()


            .antMatchers("/actuator/**").permitAll()


            //必须对每个其他请求进行身份验证


            .anyRequest().authenticated().and()


            //配置登录和注销


            .formLogin().loginPage(adminContextPath + "/login")


            .successHandler(successHandler).and()


            .logout().logoutUrl(adminContextPath + "/logout").and()


            //启用HTTP-Basic支持。这是Spring Boot Admin Client注册所必需的


            .httpBasic().and().csrf().disable()


            .headers().frameOptions().disable();




        return httpSecurity


                .headers().frameOptions().disable()


                .and().authorizeRequests()


                .antMatchers(adminContextPath + "/assets/**"


                    , adminContextPath + "/login"


                    , "/actuator"


                    , "/actuator/**"


                ).permitAll()


                .anyRequest().authenticated()


                .and()


                .formLogin().loginPage(adminContextPath + "/login")


                .successHandler(successHandler).and()


                .logout().logoutUrl(adminContextPath + "/logout")


                .and()


                .httpBasic().and()


                .csrf()


                .disable()


                .build();


    }




}




 ruoyi-extend/ruoyi-monitor-admin/src/main/resources/application.yml


@@ -14,6 +14,8 @@


      password: 123456


  boot:


    admin:


      ui:


        title: RuoYi-Vue-Plus服务监控中心


      context-path: /admin




--- # Actuator 监控端点的配置项