From 0ae521a7dc948e3589104f8b48ad49b77ff9d066 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期五, 17 一月 2025 10:42:31 +0800
Subject: [PATCH] update springboot 3.3.5 => 3.4.1 update springdoc 2.7.0 => 2.8.3 update mybatis-plus 3.5.9 => 3.5.10 update hutool 5.8.31 => 5.8.35 update springboot-admin 3.3.4 => 3.4.1 update redisson 3.39.0 => 3.43.0 update mapstruct-plus 1.4.5 => 1.4.6 update lombok 1.18.34 => 1.18.36 update anyline 20241022 => 20250101 update snailjob beta1 => beta1.1
---
ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java | 36 +++++++++++++++++++-----------------
1 files changed, 19 insertions(+), 17 deletions(-)
diff --git a/ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java b/ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java
index 4bd37ff..3458cc9 100644
--- a/ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java
+++ b/ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java
@@ -3,10 +3,14 @@
import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
/**
* admin 鐩戞帶 瀹夊叏閰嶇疆
@@ -30,23 +34,21 @@
successHandler.setDefaultTargetUrl(adminContextPath + "/");
return httpSecurity
- .headers().frameOptions().disable()
- .and().authorizeHttpRequests()
- .requestMatchers(adminContextPath + "/assets/**"
- , adminContextPath + "/login"
- , "/actuator"
- , "/actuator/**"
- ).permitAll()
- .anyRequest().authenticated()
- .and()
- .formLogin().loginPage(adminContextPath + "/login")
- .successHandler(successHandler).and()
- .logout().logoutUrl(adminContextPath + "/logout")
- .and()
- .httpBasic().and()
- .csrf()
- .disable()
- .build();
+ .headers((header) ->
+ header.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
+ .authorizeHttpRequests((authorize) ->
+ authorize.requestMatchers(
+ new AntPathRequestMatcher(adminContextPath + "/assets/**"),
+ new AntPathRequestMatcher(adminContextPath + "/login")
+ ).permitAll()
+ .anyRequest().authenticated())
+ .formLogin((formLogin) ->
+ formLogin.loginPage(adminContextPath + "/login").successHandler(successHandler))
+ .logout((logout) ->
+ logout.logoutUrl(adminContextPath + "/logout"))
+ .httpBasic(Customizer.withDefaults())
+ .csrf(AbstractHttpConfigurer::disable)
+ .build();
}
}
--
Gitblit v1.9.3