From 09dfb25d735d26e08b81307515ec32708016da33 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期二, 07 十二月 2021 12:20:21 +0800
Subject: [PATCH] update 修改 健康检查权限 改为用户放行 提高安全性

---
 ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java b/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java
index 98834a9..04a0fde 100644
--- a/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java
+++ b/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java
@@ -2,20 +2,18 @@
 
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 
 /**
- * spring security閰嶇疆
+ * admin 鐩戞帶 瀹夊叏閰嶇疆
  *
- * @author ruoyi
+ * @author Lion Li
  */
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true)
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	private final String adminContextPath;
@@ -29,11 +27,13 @@
 		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
 		successHandler.setTargetUrlParameter("redirectTo");
 		successHandler.setDefaultTargetUrl(adminContextPath + "/");
-
+		// admin鐩戞帶 鐢ㄦ埛閴存潈
 		httpSecurity.authorizeRequests()
 			//鎺堜簣瀵规墍鏈夐潤鎬佽祫浜у拰鐧诲綍椤甸潰鐨勫叕鍏辫闂潈闄愩��
 			.antMatchers(adminContextPath + "/assets/**").permitAll()
 			.antMatchers(adminContextPath + "/login").permitAll()
+            .antMatchers("/actuator").permitAll()
+            .antMatchers("/actuator/**").permitAll()
 			//蹇呴』瀵规瘡涓叾浠栬姹傝繘琛岃韩浠介獙璇�
 			.anyRequest().authenticated().and()
 			//閰嶇疆鐧诲綍鍜屾敞閿�

--
Gitblit v1.9.3