ak/zn-cloud-wcs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

【功能优化】spring security:antMatchers 替换成 requestMatchers

Browse Source
This commit is contained in:
YunaiV 2024-10-03 09:41:03 +08:00
parent d63a2ae439
commit cc1c0b62a3
1 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
yudao-module-mall/yudao-module-statistics-biz/src/main/java/cn/iocoder/yudao/module/statistics/framework/security/config/SecurityConfiguration.java
View File

@ -4,30 +4,33 @@ import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
/** /**
* Statistics 模块的 Security 配置 * Statistics 模块的 Security 配置
*/ */
@Configuration("statisticsSecurityConfiguration") @Configuration("reportSecurityConfiguration")
public class SecurityConfiguration { public class SecurityConfiguration {
@Bean("statisticsAuthorizeRequestsCustomizer") @Bean("reportAuthorizeRequestsCustomizer")
public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
return new AuthorizeRequestsCustomizer() { return new AuthorizeRequestsCustomizer() {
@Override @Override
public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) { public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
// Swagger 接口文档 // Swagger 接口文档
registry.antMatchers("/v3/api-docs/**").permitAll() registry.requestMatchers("/v3/api-docs/**").permitAll()
.antMatchers("/webjars/**").permitAll() .requestMatchers("/webjars/**").permitAll()
.antMatchers("/swagger-ui").permitAll() .requestMatchers("/swagger-ui").permitAll()
.antMatchers("/swagger-ui/**").permitAll(); .requestMatchers("/swagger-ui/**").permitAll();
// Spring Boot Actuator 的安全配置 // Spring Boot Actuator 的安全配置
registry.antMatchers("/actuator").anonymous() registry.requestMatchers("/actuator").permitAll()
.antMatchers("/actuator/**").anonymous(); .requestMatchers("/actuator/**").permitAll();
// Druid 监控 // Druid 监控
registry.antMatchers("/druid/**").anonymous(); registry.requestMatchers("/druid/**").permitAll();
// 积木报表
registry.requestMatchers("/jmreport/**").permitAll();
} }
}; };