Browse Source

优化鉴权例外, 添加.gitignore

pull/129/head
64850858 4 years ago
parent
commit
c3271d7407
  1. 1
      .gitignore
  2. 10
      src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
  3. 2
      src/main/resources/all-application.yml

1
.gitignore

@ -26,3 +26,4 @@ hs_err_pid*
/.idea/ /.idea/
/target/ /target/
/src/main/resources/static/

10
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java

@ -1,6 +1,8 @@
package com.genersoft.iot.vmp.conf.security; package com.genersoft.iot.vmp.conf.security;
import com.genersoft.iot.vmp.conf.UserSetup; import com.genersoft.iot.vmp.conf.UserSetup;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
@ -24,6 +26,8 @@ import java.util.List;
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter { public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
@Autowired @Autowired
private UserSetup userSetup; private UserSetup userSetup;
@ -88,10 +92,14 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/v3/api-docs/**") .antMatchers("/v3/api-docs/**")
.antMatchers("/js/**"); .antMatchers("/js/**");
List<String> interfaceAuthenticationExcludes = userSetup.getInterfaceAuthenticationExcludes(); List<String> interfaceAuthenticationExcludes = userSetup.getInterfaceAuthenticationExcludes();
System.out.println(interfaceAuthenticationExcludes.size());
for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) { for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) {
if (interfaceAuthenticationExclude.split("/").length < 4 ) {
logger.warn("{}不满足两极目录,已忽略", interfaceAuthenticationExclude);
}else {
web.ignoring().antMatchers(interfaceAuthenticationExclude); web.ignoring().antMatchers(interfaceAuthenticationExclude);
} }
}
} }
} }

2
src/main/resources/all-application.yml

@ -134,7 +134,7 @@ user-settings:
wait-track: false wait-track: false
# 是否开启接口鉴权 # 是否开启接口鉴权
interface-authentication: true interface-authentication: true
# 接口鉴权例外的接口, 即不进行接口鉴权的接口 # 接口鉴权例外的接口, 即不进行接口鉴权的接口,尽量详细书写,尽量不用/**,至少两级目录
interface-authentication-excludes: interface-authentication-excludes:
- /api/v1/** - /api/v1/**
# 推流直播是否录制 # 推流直播是否录制

Loading…
Cancel
Save