- package com.yihu.wlyy.config;
- import com.yihu.wlyy.filter.AccessDecisionManagerImpl;
- import com.yihu.wlyy.filter.AccessDeniedHandlerImpl;
- import org.springframework.context.annotation.Bean;
- import org.springframework.security.access.AccessDecisionManager;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.builders.WebSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
- /**
- * @author lincl
- * @version 1.0
- * @created 2016/7/21
- */
- @EnableWebSecurity
- public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- public void configure(WebSecurity web) throws Exception {
- // 设置不拦截规则
- web.ignoring().antMatchers(
- "/static/**",
- "/error/**",
- "/out",
- "/**.jsp",
- "/common/**",
- "/login/**",
- "/yueren/**",
- "/customer/**",
- "/third/**",
- "/admin/hos/doctor/importFromExcel",
- "/admin/hos/doctor/importData",
- "/admin/team/importData",
- "/admin/hos/importData",
- "/admin/hos/doctor/toExcel",
- "/admin/device/toExcel",
- "/admin/patientDevice/toExcel",
- "/admin/healthIndex/toExcel",
- "/admin/static/prescription/toExcel",
- "/admin/static/wechat/listToExcel",
- "/admin/static/wechat/hosipitaTotalToExcel",
- "/admin/static/wechat/townTotalToExcel",
- "/admin/basedata/importData",
- "/admin/wlyyUserRole/importData",
- "/WEB—INF/views/**"
- );
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- // 设置拦截规则
- http
- .authorizeRequests()
- .accessDecisionManager(accessDecisionManager())
- .expressionHandler(webSecurityExpressionHandler())
- .antMatchers("/yueren/**").permitAll()
- // .antMatchers("/admin/main").permitAll()
- // .antMatchers("/login/**").permitAll()
- // .antMatchers("/admin/**").authenticated()
- .antMatchers("/admin/**").hasRole("USER")
- .and()
- .exceptionHandling().accessDeniedHandler(accessDeniedHandler())
- .and()
- // .headers().frameOptions().disable();//取消jfame的安全验证
- // .and()
- .headers().disable();
- // 自定义登录页面
- // http.csrf().disable().formLogin().loginPage("/login").permitAll();
- // 自定义注销
- // http.logout().logoutUrl("/logout").logoutSuccessUrl("/login")
- // .invalidateHttpSession(true);
- // session管理
- // http.sessionManagement().sessionFixation().changeSessionId()
- // .maximumSessions(1).expiredUrl("/");
- // RemeberMe 和UserDetailsService合作 用来保存用户信息, 一段时间内可以不用在输入用户名和密码登录,暂不使用该功能
- // http.rememberMe().key("webmvc#FD637E6D9C0F1A5A67082AF56CE32485");
- }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- }
- /*
- * 最终访问控制器
- */
- @Bean(name = "accessDecisionManager")
- public AccessDecisionManager accessDecisionManager() {
- return new AccessDecisionManagerImpl();
- }
- /*
- * 错误信息拦截器
- */
- @Bean(name = "accessDeniedHandler")
- public AccessDeniedHandlerImpl accessDeniedHandler() {
- AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
- // accessDeniedHandler.setErrorPage("/error/403.jsp");
- return accessDeniedHandler;
- }
- /*
- * 表达式控制器
- */
- @Bean(name = "expressionHandler")
- public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler() {
- DefaultWebSecurityExpressionHandler webSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
- return webSecurityExpressionHandler;
- }
- }