工业互联网平台
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
houzhongjian
2024-12-03 874287a4c02d0a980d8b97c4a691b4f37ec5e812 
 iailab-module-infra/iailab-module-infra-biz/src/main/java/com/iailab/module/infra/framework/security/config/SecurityConfiguration.java


@@ -6,7 +6,7 @@


import org.springframework.context.annotation.Bean;


import org.springframework.context.annotation.Configuration;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;


import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;


import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;




/**


 * Infra 模块的 Security 配置


@@ -22,26 +22,26 @@


        return new AuthorizeRequestsCustomizer() {




            @Override


            public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {


            public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {


                // Swagger 接口文档


                registry.antMatchers("/v3/api-docs/**").permitAll()


                        .antMatchers("/webjars/**").permitAll()


                        .antMatchers("/swagger-ui").permitAll()


                        .antMatchers("/swagger-ui/**").permitAll();


                registry.requestMatchers("/v3/api-docs/**").permitAll()


                        .requestMatchers("/webjars/**").permitAll()


                        .requestMatchers("/swagger-ui").permitAll()


                        .requestMatchers("/swagger-ui/**").permitAll();


                // Spring Boot Actuator 的安全配置


                registry.antMatchers("/actuator").anonymous()


                        .antMatchers("/actuator/**").anonymous();


                registry.requestMatchers("/actuator").permitAll()


                        .requestMatchers("/actuator/**").permitAll();


                // Druid 监控


                registry.antMatchers("/druid/**").anonymous();


                registry.requestMatchers("/druid/**").permitAll();


                // Spring Boot Admin Server 的安全配置


                registry.antMatchers(adminSeverContextPath).anonymous()


                        .antMatchers(adminSeverContextPath + "/**").anonymous();


                registry.requestMatchers(adminSeverContextPath).permitAll()


                        .requestMatchers(adminSeverContextPath + "/**").permitAll();


                // 文件读取


                registry.antMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll();


                registry.requestMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll();




                // TODO iailab:这个每个项目都需要重复配置,得捉摸有没通用的方案


                // RPC 服务的安全配置


                registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll();


                registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();


            }




        };