Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
linmingxu
/
rlzc-ai
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Kaynağa Gözat

update 优化 过期的 Security 方法

疯狂的狮子Li 1 yıl önce
ebeveyn
e86765c6bc
işleme
0c09adfe0a
1 değiştirilmiş dosya ile 21 ekleme ve 17 silme
Görünümü Böl Farklılık Durumunu Göster
  1. 21 17
      ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java

+ 21 - 17
ruoyi-extend/ruoyi-monitor-admin/src/main/java/org/dromara/monitor/admin/config/SecurityConfig.java
Dosyayı Görüntüle 

@@ -3,10 +3,14 @@ package org.dromara.monitor.admin.config;
 
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 
 import org.springframework.context.annotation.Bean;
 
 import org.springframework.context.annotation.Configuration;
 
+import org.springframework.security.config.Customizer;
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 
 import org.springframework.security.web.SecurityFilterChain;
 
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 
 /**
 
  * admin 监控 安全配置
 
@@ -30,23 +34,23 @@ public class SecurityConfig {
 
         successHandler.setDefaultTargetUrl(adminContextPath + "/");
 
 
         return httpSecurity
 
-                .headers().frameOptions().disable()
 
-                .and().authorizeHttpRequests()
 
-                .requestMatchers(adminContextPath + "/assets/**"
 
-                    , adminContextPath + "/login"
 
-                    , "/actuator"
 
-                    , "/actuator/**"
 
-                ).permitAll()
 
-                .anyRequest().authenticated()
 
-                .and()
 
-                .formLogin().loginPage(adminContextPath + "/login")
 
-                .successHandler(successHandler).and()
 
-                .logout().logoutUrl(adminContextPath + "/logout")
 
-                .and()
 
-                .httpBasic().and()
 
-                .csrf()
 
-                .disable()
 
-                .build();
 
+            .headers((header) ->
 
+                header.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
 
+            .authorizeHttpRequests((authorize) ->
 
+                authorize.requestMatchers(
 
+                        new AntPathRequestMatcher(adminContextPath + "/assets/**"),
 
+                        new AntPathRequestMatcher(adminContextPath + "/login"),
 
+                        new AntPathRequestMatcher("/actuator"),
 
+                        new AntPathRequestMatcher("/actuator/**")
 
+                    ).permitAll()
 
+                    .anyRequest().authenticated())
 
+            .formLogin((formLogin) ->
 
+                formLogin.loginPage(adminContextPath + "/login").successHandler(successHandler))
 
+            .logout((logout) ->
 
+                logout.logoutUrl(adminContextPath + "/logout"))
 
+            .httpBasic(Customizer.withDefaults())
 
+            .csrf(AbstractHttpConfigurer::disable)
 
+            .build();
 
     }
 
 
 }