springSecurity配置（整合jwt）

编程入门行业动态更新时间:2024-10-07 03:25:48

springSecurity配置（整合jwt）

springsecurtty config

/**

@author shuang.kou Saving
@version 1.1
@date 2020.11.28 14:16
@description Spring Security配置类
**/
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

private final StringRedisTemplate stringRedisTemplate;

public SecurityConfiguration(StringRedisTemplate stringRedisTemplate) {
this.stringRedisTemplate = stringRedisTemplate;
}

/**
- 密码编码器
  */
  @Bean
  public BCryptPasswordEncoder bCryptPasswordEncoder() {
  return new BCryptPasswordEncoder();
  }
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors(withDefaults())
// 禁用 CSRF
.csrf().disable()
.authorizeRequests()
// 指定的接口直接放行
// swagger
.antMatchers(SecurityConstants.SWAGGER_WHITELIST).permitAll()
.antMatchers(HttpMethod.POST, SecurityConstants.SYSTEM_WHITELIST).permitAll()
// 其他的接口都需要认证后才能请求
.anyRequest().authenticated()
.and()
//添加自定义Filter
.addFilter(new JwtAuthenticationFilter(authenticationManager(), stringRedisTemplate))
//添加自定义Filter
.addFilter(new JwtAuthorizationFilter(authenticationManager(), stringRedisTemplate))
// 不需要session（不创建会话）
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 授权异常处理
.exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint())
.accessDeniedHandler(new JwtAccessDeniedHandler());
// 防止H2 web 页面的Frame 被拦截
http.headers().frameOptions().disable();
}

/**
- Cors配置优化
  /
  @Bean
  CorsConfigurationSource corsConfigurationSource() {
  org.springframework.web.cors.CorsConfiguration configuration = new CorsConfiguration();
  configuration.setAllowedOrigins(singletonList(""));
  configuration.setAllowedHeaders(singletonList(""));
  configuration.setAllowedMethods(Arrays.asList(“GET”, “POST”, “DELETE”, “PUT”, “OPTIONS”));
  configuration.setExposedHeaders(singletonList(SecurityConstants.TOKEN_HEADER));
  configuration.setAllowCredentials(false);
  configuration.setMaxAge(3600L);
  UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
  source.registerCorsConfiguration("/", configuration);
  return source;
  }