RuoYi-Cloud/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java

package com.ruoyi.auth.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Security 安全认证相关配置
 * Oauth2依赖于Security 默认情况下WebSecurityConfig执行比ResourceServerConfig优先
 * 
 * @author ruoyi
 */
@Primary
@Order(90)
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{
    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder passwordEncoder()
    {
        return new BCryptPasswordEncoder();
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception
    {
        return super.authenticationManagerBean();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception
    {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception
    {
        http.httpBasic().disable();

        http
        .authorizeRequests()
        .antMatchers(
            "/actuator/**",
            "/token/**").permitAll()
        .anyRequest().authenticated()
        .and().csrf().disable();

    }

    /*** 设置不拦截规则 */
    @Override
    public void configure(WebSecurity web)
    {
        web.ignoring().antMatchers("/css/**", "/js/**", "/plugins/**", "/favicon.ico");
    }
}
devtools 2020-05-22 14:10:21 +08:00			`package com.ruoyi.auth.config;`

			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.context.annotation.Bean;`
			`import org.springframework.context.annotation.Configuration;`
			`import org.springframework.context.annotation.Primary;`
			`import org.springframework.core.annotation.Order;`
			`import org.springframework.security.authentication.AuthenticationManager;`
			`import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;`
			`import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
			`import org.springframework.security.config.annotation.web.builders.WebSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;`
			`import org.springframework.security.core.userdetails.UserDetailsService;`
			`import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;`
			`import org.springframework.security.crypto.password.PasswordEncoder;`

			`/**`
			`* Security 安全认证相关配置`
			`* Oauth2依赖于Security 默认情况下WebSecurityConfig执行比ResourceServerConfig优先`
			`*`
			`* @author ruoyi`
			`*/`
			`@Primary`
			`@Order(90)`
			`@Configuration`
			`public class WebSecurityConfig extends WebSecurityConfigurerAdapter`
			`{`
			`@Autowired`
			`private UserDetailsService userDetailsService;`

			`@Bean`
			`public PasswordEncoder passwordEncoder()`
			`{`
			`return new BCryptPasswordEncoder();`
			`}`

			`@Bean`
			`@Override`
			`public AuthenticationManager authenticationManagerBean() throws Exception`
			`{`
			`return super.authenticationManagerBean();`
			`}`

			`@Override`
			`protected void configure(AuthenticationManagerBuilder auth) throws Exception`
			`{`
			`auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());`
			`}`

			`@Override`
			`protected void configure(HttpSecurity http) throws Exception`
			`{`
			`http.httpBasic().disable();`

			`http`
			`.authorizeRequests()`
			`.antMatchers(`
			`"/actuator/**",`
			`"/token/**").permitAll()`
			`.anyRequest().authenticated()`
			`.and().csrf().disable();`

			`}`

			`/*** 设置不拦截规则 */`
			`@Override`
			`public void configure(WebSecurity web)`
			`{`
			`web.ignoring().antMatchers("/css/", "/js/", "/plugins/**", "/favicon.ico");`
			`}`
			`}`