From 0ee7939bb9d8c0d2996d9c9262010423cb786ec6 Mon Sep 17 00:00:00 2001
From: 潘志宝 <979469083@qq.com>
Date: 星期二, 03 十二月 2024 13:44:27 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/framework/security/config/SecurityConfiguration.java |   18 ++++++++++--------
 1 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/framework/security/config/SecurityConfiguration.java b/iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/framework/security/config/SecurityConfiguration.java
index cefacbf..a5b0a04 100644
--- a/iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/framework/security/config/SecurityConfiguration.java
+++ b/iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/framework/security/config/SecurityConfiguration.java
@@ -5,7 +5,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
+import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
 
 /**
  * System 模块的 Security 配置
@@ -18,18 +18,20 @@
         return new AuthorizeRequestsCustomizer() {
 
             @Override
-            public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
+            public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
                 // TODO iailab：这个每个项目都需要重复配置，得捉摸有没通用的方案
                 // Swagger 接口文档
-                registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据
-                        .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI
+                registry.requestMatchers("/v3/api-docs/**").permitAll()
+                        .requestMatchers("/webjars/**").permitAll()
+                        .requestMatchers("/swagger-ui").permitAll()
+                        .requestMatchers("/swagger-ui/**").permitAll();
                 // Druid 监控
-                registry.antMatchers("/druid/**").anonymous();
+                registry.requestMatchers("/druid/**").permitAll();
                 // Spring Boot Actuator 的安全配置
-                registry.antMatchers("/actuator").anonymous()
-                        .antMatchers("/actuator/**").anonymous();
+                registry.requestMatchers("/actuator").permitAll()
+                        .requestMatchers("/actuator/**").permitAll();
                 // RPC 服务的安全配置
-                registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll();
+                registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();
             }
 
         };

--
Gitblit v1.9.3