From 0cbbe2c1cbfbf73e02e1796d921c2911c96d370b Mon Sep 17 00:00:00 2001 From: 潘志宝 <979469083@qq.com> Date: 星期一, 23 十二月 2024 11:46:31 +0800 Subject: [PATCH] Merge branch 'master' of http://dlindusit.com:53929/r/iailab-plat --- iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java | 38 ++++++++++++++++++++++++++++++++++++++ 1 files changed, 38 insertions(+), 0 deletions(-) diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java new file mode 100644 index 0000000..474a23e --- /dev/null +++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java @@ -0,0 +1,38 @@ +package com.iailab.module.data.framework.security.config; + +import com.iailab.framework.security.config.AuthorizeRequestsCustomizer; +import com.iailab.module.system.enums.ApiConstants; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; + +/** + * System 模块的 Security 配置 + */ +@Configuration(proxyBeanMethods = false, value = "systemSecurityConfiguration") +public class SecurityConfiguration { + + @Bean("systemAuthorizeRequestsCustomizer") + public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { + return new AuthorizeRequestsCustomizer() { + + @Override + public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) { + // TODO iailab:这个每个项目都需要重复配置,得捉摸有没通用的方案 + // Swagger 接口文档 + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI + // Druid 监控 + registry.requestMatchers("/druid/**").anonymous(); + // Spring Boot Actuator 的安全配置 + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); + // RPC 服务的安全配置 + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); + } + + }; + } + +} -- Gitblit v1.9.3