| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- package cc.mrbird.febs.auth.configure;
- import cc.mrbird.febs.auth.properties.FebsAuthProperties;
- import cc.mrbird.febs.common.handler.FebsAccessDeniedHandler;
- import cc.mrbird.febs.common.handler.FebsAuthExceptionEntryPoint;
- import org.apache.commons.lang3.StringUtils;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
- /**
- * 资源服务器配置
- *
- * @author MrBird
- */
- @Configuration
- @EnableResourceServer
- public class FebsResourceServerConfigurer extends ResourceServerConfigurerAdapter {
- @Autowired
- private FebsAccessDeniedHandler accessDeniedHandler;
- @Autowired
- private FebsAuthExceptionEntryPoint exceptionEntryPoint;
- @Autowired
- private FebsAuthProperties properties;
- @Override
- public void configure(HttpSecurity http) throws Exception {
- String[] anonUrls = StringUtils.splitByWholeSeparatorPreserveAllTokens(properties.getAnonUrl(), ",");
- http.csrf().disable()
- .requestMatchers().antMatchers("/**")
- .and()
- .authorizeRequests()
- .antMatchers(anonUrls).permitAll()
- .antMatchers("/**").authenticated()
- .and().httpBasic();
- }
- @Override
- public void configure(ResourceServerSecurityConfigurer resources) {
- resources.authenticationEntryPoint(exceptionEntryPoint)
- .accessDeniedHandler(accessDeniedHandler);
- }
- }
|
