工业互联网平台
查看 | 历史 | 提交 | 提交对比
潘志宝
2024-12-03 0ee7939bb9d8c0d2996d9c9262010423cb786ec6
提交 | 用户 | 时间
e7c126 1 package com.iailab.module.infra.framework.security.config;
H 2
3 import com.iailab.framework.security.config.AuthorizeRequestsCustomizer;
4 import com.iailab.module.infra.enums.ApiConstants;
5 import org.springframework.beans.factory.annotation.Value;
6 import org.springframework.context.annotation.Bean;
7 import org.springframework.context.annotation.Configuration;
8 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
874287 9 import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
e7c126 10
H 11 /**
12  * Infra 模块的 Security 配置
13  */
14 @Configuration(proxyBeanMethods = false, value = "infraSecurityConfiguration")
15 public class SecurityConfiguration {
16
17     @Value("${spring.boot.admin.context-path:''}")
18     private String adminSeverContextPath;
19
20     @Bean("infraAuthorizeRequestsCustomizer")
21     public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
22         return new AuthorizeRequestsCustomizer() {
23
24             @Override
874287 25             public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
e7c126 26                 // Swagger 接口文档
874287 27                 registry.requestMatchers("/v3/api-docs/**").permitAll()
H 28                         .requestMatchers("/webjars/**").permitAll()
29                         .requestMatchers("/swagger-ui").permitAll()
30                         .requestMatchers("/swagger-ui/**").permitAll();
e7c126 31                 // Spring Boot Actuator 的安全配置
874287 32                 registry.requestMatchers("/actuator").permitAll()
H 33                         .requestMatchers("/actuator/**").permitAll();
e7c126 34                 // Druid 监控
874287 35                 registry.requestMatchers("/druid/**").permitAll();
e7c126 36                 // Spring Boot Admin Server 的安全配置
874287 37                 registry.requestMatchers(adminSeverContextPath).permitAll()
H 38                         .requestMatchers(adminSeverContextPath + "/**").permitAll();
e7c126 39                 // 文件读取
874287 40                 registry.requestMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll();
e7c126 41
H 42                 // TODO iailab:这个每个项目都需要重复配置,得捉摸有没通用的方案
43                 // RPC 服务的安全配置
874287 44                 registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();
e7c126 45             }
H 46
47         };
48     }
49
50 }