From 6c2ff1c7c8e0aba3af92110b76687b78f8278e86 Mon Sep 17 00:00:00 2001
From: 潘志宝 <979469083@qq.com>
Date: 星期五, 03 一月 2025 09:57:37 +0800
Subject: [PATCH] 动态数据长度
---
iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java | 40 +++++++++++++++-------------------------
1 files changed, 15 insertions(+), 25 deletions(-)
diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java
index a9883af..474a23e 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/framework/security/config/SecurityConfiguration.java
@@ -1,45 +1,35 @@
package com.iailab.module.data.framework.security.config;
import com.iailab.framework.security.config.AuthorizeRequestsCustomizer;
-import com.iailab.module.data.enums.ApiConstants;
-import org.springframework.beans.factory.annotation.Value;
+import com.iailab.module.system.enums.ApiConstants;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
+import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
/**
- * data 模块的 Security 配置
+ * System 模块的 Security 配置
*/
-@Configuration(proxyBeanMethods = false, value = "dataSecurityConfiguration")
+@Configuration(proxyBeanMethods = false, value = "systemSecurityConfiguration")
public class SecurityConfiguration {
- @Value("${spring.boot.admin.context-path:''}")
- private String adminSeverContextPath;
-
- @Bean("infraAuthorizeRequestsCustomizer")
+ @Bean("systemAuthorizeRequestsCustomizer")
public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
return new AuthorizeRequestsCustomizer() {
@Override
- public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
- // Swagger 接口文档
- registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据
- .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI
- // Spring Boot Actuator 的安全配置
- registry.antMatchers("/actuator").anonymous()
- .antMatchers("/actuator/**").anonymous();
- // Druid 监控
- registry.antMatchers("/druid/**").anonymous();
- // Spring Boot Admin Server 的安全配置
- registry.antMatchers(adminSeverContextPath).anonymous()
- .antMatchers(adminSeverContextPath + "/**").anonymous();
- // 文件读取
- registry.antMatchers(buildAdminApi("/data/point/**")).permitAll();
-
+ public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
// TODO iailab:这个每个项目都需要重复配置,得捉摸有没通用的方案
+ // Swagger 接口文档
+ registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据
+ .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI
+ // Druid 监控
+ registry.requestMatchers("/druid/**").anonymous();
+ // Spring Boot Actuator 的安全配置
+ registry.requestMatchers("/actuator").anonymous()
+ .requestMatchers("/actuator/**").anonymous();
// RPC 服务的安全配置
- registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll();
+ registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();
}
};
--
Gitblit v1.9.3