Test_Project_Web/e5
1
0
Fork 0
mirror of https://github.com/luoye663/e5.git synced 2024-12-26 03:38:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

~

Browse Source
This commit is contained in:
LuoYe_MyWork 2020-08-21 17:15:48 +08:00
parent d51fbe02a8
commit b009fb792a
3 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/io/qyi/e5/config/security/UrlAccessDecisionManager.java
View File

@ -25,18 +25,18 @@ import java.util.Iterator;
public class UrlAccessDecisionManager implements AccessDecisionManager { public class UrlAccessDecisionManager implements AccessDecisionManager {
@Override @Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException { public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
log.debug("进入权限判断!"); log.info("进入权限判断!");
if (collection == null) { if (collection == null) {
return; return;
} }
log.debug("object is a URL. {}", o.toString()); log.info("object is a URL. {}", o.toString());
//所请求的资源拥有的权限(一个资源对多个权限) //所请求的资源拥有的权限(一个资源对多个权限)
Iterator<ConfigAttribute> iterator = collection.iterator(); Iterator<ConfigAttribute> iterator = collection.iterator();
while (iterator.hasNext()) { while (iterator.hasNext()) {
ConfigAttribute configAttribute = iterator.next(); ConfigAttribute configAttribute = iterator.next();
//访问所请求资源所需要的权限 //访问所请求资源所需要的权限
String needPermission = configAttribute.getAttribute(); String needPermission = configAttribute.getAttribute();
log.debug("访问 " + o.toString() + " 需要的权限是:" + needPermission); log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission);
if (needPermission == null) { if (needPermission == null) {
break; break;
} }

2
src/main/java/io/qyi/e5/config/security/UrlInvocationSecurityMetadataSourceService.java
View File

@ -36,6 +36,8 @@ public class UrlInvocationSecurityMetadataSourceService implements FilterInvocat
permissions.put("/admin/**", "admin"); permissions.put("/admin/**", "admin");
permissions.put("/**", "user"); permissions.put("/**", "user");
permissions.put("/auth2/**", "ROLE_ANONYMOUS"); permissions.put("/auth2/**", "ROLE_ANONYMOUS");
permissions.put("/error", "ROLE_ANONYMOUS");
Iterator<Map.Entry<String, String>> iterator = permissions.entrySet().iterator(); Iterator<Map.Entry<String, String>> iterator = permissions.entrySet().iterator();
while (iterator.hasNext()) { while (iterator.hasNext()) {
Map.Entry<String, String> next = iterator.next(); Map.Entry<String, String> next = iterator.next();

6
src/main/java/io/qyi/e5/config/security/filter/LinkTokenAuthenticationFilter.java
View File

@ -4,12 +4,10 @@ import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
import io.qyi.e5.util.SpringUtil; import io.qyi.e5.util.SpringUtil;
import io.qyi.e5.util.redis.RedisUtil; import io.qyi.e5.util.redis.RedisUtil;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
@ -52,9 +50,9 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
log.info("--------------Token鉴权---------------"); log.info("--------------Token鉴权---------------");
/*设置跨域*/ /*设置跨域*/
HttpServletResponse response = httpServletResponse; HttpServletResponse response = httpServletResponse;
response.setHeader("Access-Control-Allow-Origin", "e5.qyi.io"); response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST"); response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST,OPTIONS");
response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token"); response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token");
/*如果是OPTIONS则结束请求*/ /*如果是OPTIONS则结束请求*/