From b91119e9fa0ad5358d9ab9a9981a8fc03315a973 Mon Sep 17 00:00:00 2001 From: FrozenWatermelon Date: Tue, 21 Feb 2023 11:55:48 +0800 Subject: [PATCH] =?UTF-8?q?=E5=90=AF=E7=94=A8WebSecurity=EF=BC=8C=E5=8F=AA?= =?UTF-8?q?=E6=98=AFtoken=E4=BA=A4=E7=BB=99=E8=87=AA=E5=B7=B1=E8=BF=9B?= =?UTF-8?q?=E8=A1=8C=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 30 +++++++++---------- .../MallWebSecurityConfigurerAdapter.java | 16 ++++++---- 2 files changed, 25 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 8590f93..57cd16f 100644 --- a/README.md +++ b/README.md @@ -45,21 +45,21 @@ uni-app:https://gitee.com/gz-yami/mall4uni ## 技术选型 -| 技术 | 版本 | 说明 | -|------------------------|--------|------------------------------| -| Spring Boot | 2.7.0 | MVC核心框架 | -| Spring Security oauth2 | 2.7.0 | 认证和授权框架 | -| MyBatis | 3.5.0 | ORM框架 | -| MyBatisPlus | 3.1.0 | 基于mybatis,使用lambda表达式的 | -| spring-doc | 1.6.9 | 接口文档工具 | -| Hibernator-Validator | 6.0.17 | 验证框架 | -| redisson | 3.10.6 | 对redis进行封装、集成分布式锁等 | -| hikari | 3.2.0 | 数据库连接池 | -| logback | 1.2.11 | log日志工具 | -| orika | 1.5.4 | 更快的bean复制工具 | -| lombok | 1.18.8 | 简化对象封装工具 | -| hutool | 5.7.22 | 更适合国人的java工具集 | -| knife4j | 4.0.0 | 基于swagger,更便于国人使用的swagger ui | +| 技术 | 版本 | 说明 | +|----------------------|--------|------------------------------| +| Spring Boot | 2.7.0 | MVC核心框架 | +| Spring Security web | 2.7.0 | web应用安全防护 | +| MyBatis | 3.5.0 | ORM框架 | +| MyBatisPlus | 3.1.0 | 基于mybatis,使用lambda表达式的 | +| spring-doc | 1.6.9 | 接口文档工具 | +| Hibernator-Validator | 6.0.17 | 验证框架 | +| redisson | 3.10.6 | 对redis进行封装、集成分布式锁等 | +| hikari | 3.2.0 | 数据库连接池 | +| logback | 1.2.11 | log日志工具 | +| orika | 1.5.4 | 更快的bean复制工具 | +| lombok | 1.18.8 | 简化对象封装工具 | +| hutool | 5.7.22 | 更适合国人的java工具集 | +| knife4j | 4.0.0 | 基于swagger,更便于国人使用的swagger ui | diff --git a/yami-shop-security/yami-shop-security-common/src/main/java/com/yami/shop/security/common/adapter/MallWebSecurityConfigurerAdapter.java b/yami-shop-security/yami-shop-security-common/src/main/java/com/yami/shop/security/common/adapter/MallWebSecurityConfigurerAdapter.java index ed289d4..aaad06f 100644 --- a/yami-shop-security/yami-shop-security-common/src/main/java/com/yami/shop/security/common/adapter/MallWebSecurityConfigurerAdapter.java +++ b/yami-shop-security/yami-shop-security-common/src/main/java/com/yami/shop/security/common/adapter/MallWebSecurityConfigurerAdapter.java @@ -1,8 +1,10 @@ package com.yami.shop.security.common.adapter; +import org.springframework.context.annotation.Bean; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.stereotype.Component; import org.springframework.web.cors.CorsUtils; @@ -12,14 +14,16 @@ import org.springframework.web.cors.CorsUtils; * @date 2022/3/25 17:33 */ @Component -public class MallWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { - @Override - public void configure(HttpSecurity http) throws Exception { - http.csrf().disable().cors() // We don't need CSRF for token based authentication +@EnableWebSecurity +public class MallWebSecurityConfigurerAdapter { + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{ + return http.csrf().disable().cors() // We don't need CSRF for token based authentication .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll() .and() .authorizeRequests().antMatchers( - "/**").permitAll(); + "/**").permitAll().and().build(); } + }