From c3a5919948da2ff07c9b8f206b09ae2f8b59b189 Mon Sep 17 00:00:00 2001 From: houzhongjian <houzhongyi@126.com> Date: 星期二, 03 十二月 2024 11:17:14 +0800 Subject: [PATCH] 1、security模块ExpressionUrlAuthorizationConfigurer改为AuthorizeHttpRequestsConfigurer 2、全局registry.antMatchers改为registry.requestMatchers 3、移除sms、微信、第三方云服务包依赖等等 --- pom.xml | 57 ++++++++-------------------- iailab-xmc-pms-biz/src/main/java/com/iailab/module/pms/framework/security/config/SecurityConfiguration.java | 17 ++++---- 2 files changed, 24 insertions(+), 50 deletions(-) diff --git a/iailab-xmc-pms-biz/src/main/java/com/iailab/module/pms/framework/security/config/SecurityConfiguration.java b/iailab-xmc-pms-biz/src/main/java/com/iailab/module/pms/framework/security/config/SecurityConfiguration.java index efd5a48..3579c84 100644 --- a/iailab-xmc-pms-biz/src/main/java/com/iailab/module/pms/framework/security/config/SecurityConfiguration.java +++ b/iailab-xmc-pms-biz/src/main/java/com/iailab/module/pms/framework/security/config/SecurityConfiguration.java @@ -5,7 +5,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * System 模块的 Security 配置 @@ -18,21 +18,20 @@ return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) { // TODO iailab:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; } - } diff --git a/pom.xml b/pom.xml index d47b3cc..b8bb406 100644 --- a/pom.xml +++ b/pom.xml @@ -26,6 +26,8 @@ <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version> <flatten-maven-plugin.version>1.5.0</flatten-maven-plugin.version> <!-- 统一依赖管理 --> + <spring.framework.version>5.3.39</spring.framework.version> + <spring.security.version>5.8.14</spring.security.version> <spring.boot.version>2.7.18</spring.boot.version> <spring.cloud.version>2021.0.9</spring.cloud.version> <spring.cloud.alibaba.version>2021.0.6.1</spring.cloud.alibaba.version> @@ -82,24 +84,26 @@ <ip2region.version>2.7.0</ip2region.version> <bizlog-sdk.version>3.0.6</bizlog-sdk.version> <reflections.version>0.10.2</reflections.version> - <!-- 三方云服务相关 --> - <okio.version>3.5.0</okio.version> - <okhttp3.version>4.11.0</okhttp3.version> - <commons-io.version>2.15.1</commons-io.version> - <minio.version>8.5.7</minio.version> - <aliyun-java-sdk-core.version>4.6.4</aliyun-java-sdk-core.version> - <aliyun-java-sdk-dysmsapi.version>2.2.1</aliyun-java-sdk-dysmsapi.version> - <tencentcloud-sdk-java.version>3.1.880</tencentcloud-sdk-java.version> - <justauth.version>1.0.8</justauth.version> - <jimureport.version>1.6.6</jimureport.version> - <xercesImpl.version>2.12.2</xercesImpl.version> - <weixin-java.version>4.6.0</weixin-java.version> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> <dependencyManagement> <dependencies> <!-- 统一依赖管理 --> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-framework-bom</artifactId> <!-- JDK8 版本独有:保证 Spring Framework 尽量高 --> + <version>${spring.framework.version}</version> + <type>pom</type> + <scope>import</scope> + </dependency> + <dependency> + <groupId>org.springframework.security</groupId> + <artifactId>spring-security-bom</artifactId> <!-- JDK8 版本独有:保证 Spring Security 尽量高 --> + <version>${spring.security.version}</version> + <type>pom</type> + <scope>import</scope> + </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-dependencies</artifactId> @@ -369,12 +373,6 @@ </dependency> <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>${commons-io.version}</version> - </dependency> - - <dependency> <groupId>org.apache.tika</groupId> <artifactId>tika-core</artifactId> <!-- 文件类型的识别 --> <version>${tika-core.version}</version> @@ -453,29 +451,6 @@ <groupId>org.jsoup</groupId> <artifactId>jsoup</artifactId> <version>${jsoup.version}</version> - </dependency> - - <dependency> - <groupId>org.reflections</groupId> - <artifactId>reflections</artifactId> - <version>${reflections.version}</version> - </dependency> - - <!-- 三方云服务相关 --> - <dependency> - <groupId>com.squareup.okio</groupId> - <artifactId>okio</artifactId> - <version>${okio.version}</version> - </dependency> - <dependency> - <groupId>com.squareup.okhttp3</groupId> - <artifactId>okhttp</artifactId> - <version>${okhttp3.version}</version> - </dependency> - <dependency> - <groupId>io.minio</groupId> - <artifactId>minio</artifactId> - <version>${minio.version}</version> </dependency> </dependencies> -- Gitblit v1.9.3