mirror of
https://github.com/luoye663/e5.git
parent
d51fbe02a8
commit
b009fb792a
@ -25,18 +25,18 @@ import java.util.Iterator;
|
|||||||
public class UrlAccessDecisionManager implements AccessDecisionManager {
|
public class UrlAccessDecisionManager implements AccessDecisionManager {
|
||||||
@Override
|
@Override
|
||||||
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
|
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
|
||||||
log.debug("进入权限判断!");
|
log.info("进入权限判断!");
|
||||||
if (collection == null) {
|
if (collection == null) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
log.debug("object is a URL. {}", o.toString());
|
log.info("object is a URL. {}", o.toString());
|
||||||
//所请求的资源拥有的权限(一个资源对多个权限)
|
//所请求的资源拥有的权限(一个资源对多个权限)
|
||||||
Iterator<ConfigAttribute> iterator = collection.iterator();
|
Iterator<ConfigAttribute> iterator = collection.iterator();
|
||||||
while (iterator.hasNext()) {
|
while (iterator.hasNext()) {
|
||||||
ConfigAttribute configAttribute = iterator.next();
|
ConfigAttribute configAttribute = iterator.next();
|
||||||
//访问所请求资源所需要的权限
|
//访问所请求资源所需要的权限
|
||||||
String needPermission = configAttribute.getAttribute();
|
String needPermission = configAttribute.getAttribute();
|
||||||
log.debug("访问 " + o.toString() + " 需要的权限是:" + needPermission);
|
log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission);
|
||||||
if (needPermission == null) {
|
if (needPermission == null) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
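Review bot: The three log calls switched to `log.info` in `decide` run on every authorization decision and write `o.toString()` into the log at a level that is normally enabled in production; for a URL-based decision manager that object presumably includes the request URL. If any URL carries a token or OAuth code in its query string (the `/auth2/**` paths elsewhere in this commit suggest that may happen), it will now be retained in the logs, so keeping these at debug or logging only the path is safer. The last call also builds its message by concatenation; the parameterized form `log.debug("访问 {} 需要的权限是:{}", o, needPermission);` matches the style of the earlier call. `decide` continues past the end of this hunk.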
@ -36,6 +36,8 @@ public class UrlInvocationSecurityMetadataSourceService implements FilterInvocat
|
|||||||
permissions.put("/admin/**", "admin");
|
permissions.put("/admin/**", "admin");
|
||||||
permissions.put("/**", "user");
|
permissions.put("/**", "user");
|
||||||
permissions.put("/auth2/**", "ROLE_ANONYMOUS");
|
permissions.put("/auth2/**", "ROLE_ANONYMOUS");
|
||||||
|
permissions.put("/error", "ROLE_ANONYMOUS");
|
||||||
|
|
||||||
Iterator<Map.Entry<String, String>> iterator = permissions.entrySet().iterator();
|
Iterator<Map.Entry<String, String>> iterator = permissions.entrySet().iterator();
|
||||||
while (iterator.hasNext()) {
|
while (iterator.hasNext()) {
|
||||||
Map.Entry<String, String> next = iterator.next();
|
Map.Entry<String, String> next = iterator.next();
|
||||||
|
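Review bot: Whether the added `permissions.put("/error", "ROLE_ANONYMOUS");` takes effect depends on which entry wins for a path that also matches `/**` (mapped to `user`), and the visible lines do not decide that. The declaration of `permissions` and the body of the matching loop are outside this hunk; if the map is a plain `HashMap`, iteration order is unspecified and `/error` or `/auth2/**` could resolve to either attribute. An insertion-ordered map with the specific patterns added before `/**`, plus a comment such as `// most specific pattern first; "/**" must stay last`, would make the precedence explicit.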
@ -4,12 +4,10 @@ import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
|
|||||||
import io.qyi.e5.util.SpringUtil;
|
import io.qyi.e5.util.SpringUtil;
|
||||||
import io.qyi.e5.util.redis.RedisUtil;
|
import io.qyi.e5.util.redis.RedisUtil;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.security.core.authority.AuthorityUtils;
|
import org.springframework.security.core.authority.AuthorityUtils;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
import org.springframework.web.filter.OncePerRequestFilter;
|
import org.springframework.web.filter.OncePerRequestFilter;
|
||||||
|
|
||||||
import javax.servlet.FilterChain;
|
import javax.servlet.FilterChain;
|
||||||
@ -52,9 +50,9 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
|||||||
log.info("--------------Token鉴权---------------");
|
log.info("--------------Token鉴权---------------");
|
||||||
/*设置跨域*/
|
/*设置跨域*/
|
||||||
HttpServletResponse response = httpServletResponse;
|
HttpServletResponse response = httpServletResponse;
|
||||||
response.setHeader("Access-Control-Allow-Origin", "e5.qyi.io");
|
response.setHeader("Access-Control-Allow-Origin", "*");
|
||||||
response.setHeader("Access-Control-Allow-Credentials", "true");
|
response.setHeader("Access-Control-Allow-Credentials", "true");
|
||||||
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST");
|
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST,OPTIONS");
|
||||||
response.setHeader("Access-Control-Max-Age", "3600");
|
response.setHeader("Access-Control-Max-Age", "3600");
|
||||||
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token");
|
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token");
|
||||||
/*如果是OPTIONS则结束请求*/
|
/*如果是OPTIONS则结束请求*/
|
||||||
|
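Review bot: The new `Access-Control-Allow-Origin` value `*` is sent together with `Access-Control-Allow-Credentials: true`, a combination browsers reject for credentialed requests, so the header pair as written cannot work for them. The common follow-up of echoing back whatever `Origin` arrives would let any site make authenticated calls; instead compare the request's `Origin` against a fixed allowlist, return only a matched value, and add `response.setHeader("Vary", "Origin");`. The removed value `e5.qyi.io` had no scheme, which may be why it never matched, since an origin has the form `https://host`. The enclosing filter method starts and ends outside this hunk.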