package com.lxzn.auth.config;
import com.lxzn.auth.security.CustomAuthExceptionHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
/**
 * OAuth2 resource-server configuration.
 *
 * <p>Registers {@link CustomAuthExceptionHandler} for both unauthenticated and
 * access-denied responses, and requires authentication for every request except
 * the Swagger documentation paths listed in {@code SWAGGER_WHITELIST}.
 *
 * <p>{@code prePostEnabled = true} turns on {@code @PreAuthorize}/{@code @PostAuthorize}
 * checks on methods; {@code securedEnabled = true} turns on {@code @Secured}.
 *
 * @author Administrator
 * @version 1.0
 **/
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    /**
     * Paths that are reachable without authentication (Swagger UI and its resources).
     *
     * <p>NOTE(review): these paths expose the API description to anyone who can reach
     * the service; confirm that this is intended outside development environments
     * (for example by restricting them per profile or at the network edge).
     */
    private static final String[] SWAGGER_WHITELIST = {
        "/v2/api-docs",
        "/swagger-resources/configuration/ui",
        "/swagger-resources",
        "/swagger-resources/configuration/security",
        "/swagger-ui.html",
        "/webjars/**"
    };

    @Autowired
    private CustomAuthExceptionHandler customAuthExceptionHandler;

    /**
     * Configures resource-server properties: token-only mode and the error handlers.
     *
     * @param resources configurer supplied by the framework
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        // stateless(false) lifts the token-only restriction (the framework default is true),
        // so an authentication already present in the security context is accepted in
        // addition to a bearer token.
        // NOTE(review): confirm this is required; if session-backed requests are accepted
        // here, check that CSRF protection is in place for this filter chain.
        resources.stateless(false);

        // The same handler object answers both "access denied" and "not authenticated".
        resources.accessDeniedHandler(this.customAuthExceptionHandler);
        resources.authenticationEntryPoint(this.customAuthExceptionHandler);
    }

    /**
     * HTTP security configuration: every request reaching the system is checked.
     *
     * @param http the HTTP security builder supplied by the framework
     * @throws Exception if the security configuration cannot be applied
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // Matchers are evaluated in declaration order, so the whitelist has to stay ahead
        // of anyRequest(). A catch-all permitAll() matcher placed before anyRequest() would
        // switch authentication off for every endpoint.
        http.authorizeRequests()
            .antMatchers(SWAGGER_WHITELIST).permitAll()
            // Everything that is not whitelisted above must be authenticated.
            .anyRequest().authenticated();
    }
}