package org.jeecg.monitor.config;
|
|
import de.codecentric.boot.admin.server.config.AdminServerProperties;
|
import org.springframework.context.annotation.Configuration;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
|
|
/**
|
* @author scott
|
*/
|
@Configuration
|
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
|
|
private final String adminContextPath;
|
|
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
|
this.adminContextPath = adminServerProperties.getContextPath();
|
}
|
|
|
@Override
|
protected void configure(HttpSecurity http) throws Exception {
|
// 登录成功处理类
|
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
|
successHandler.setTargetUrlParameter("redirectTo");
|
successHandler.setDefaultTargetUrl(adminContextPath + "/");
|
|
http.authorizeRequests()
|
//静态文件允许访问
|
.antMatchers(adminContextPath + "/assets/**").permitAll()
|
//登录页面允许访问
|
.antMatchers(adminContextPath + "/login", "/css/**", "/js/**", "/image/*").permitAll()
|
//其他所有请求需要登录
|
.anyRequest().authenticated()
|
.and()
|
//登录页面配置,用于替换security默认页面
|
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
|
//登出页面配置,用于替换security默认页面
|
.logout().logoutUrl(adminContextPath + "/logout").and()
|
.httpBasic().and()
|
.csrf()
|
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
|
.ignoringAntMatchers(
|
"/instances",
|
"/actuator/**"
|
);
|
|
}
|
|
}
|
