From 0521511dfdd06ba86be14d0d7601840537fe838b Mon Sep 17 00:00:00 2001 From: kerwincui <164770707@qq.com> Date: Fri, 8 Apr 2022 11:24:09 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9A=82=E6=97=B6=E6=B3=A8=E9=87=8Aoauth?= =?UTF-8?q?=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../framework/config/SecurityConfig.java | 26 +++++++++---------- .../handle/AuthenticationEntryPointImpl.java | 8 +++--- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/springboot/wumei-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/springboot/wumei-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index b1fef096..94673e97 100644 --- a/springboot/wumei-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/springboot/wumei-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -99,7 +99,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter // 过滤请求 .authorizeRequests() // 对于登录login 注册register 验证码captchaImage 允许匿名访问 - .antMatchers("/login", "/register", "/captchaImage","/iot/tool/register","/iot/tool/ntp", + .antMatchers("/login", "/register", "/captchaImage","/iot/tool/register","/iot/tool/ntp","/iot/tool/download", "/iot/tool/mqtt/auth","/iot/tool/mqtt/webhook").anonymous() .antMatchers( HttpMethod.GET, @@ -116,18 +116,18 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter .antMatchers("/*/api-docs").anonymous() .antMatchers("/druid/**").anonymous() /************ oauth ************************/ - // 静态资源文件 - .antMatchers("/oauth/logout/**","/oauth/css/**","/oauth/fonts/**").permitAll() - // 智能音箱控制器由资源服务器管理 - .antMatchers("/oauth/speaker/**").permitAll() - .anyRequest().authenticated() - .and() - .formLogin() - .loginPage("/oauth/login") - .permitAll() - .and() - .logout().logoutUrl("/oauth/logout") - .permitAll() +// // 静态资源文件 +// .antMatchers("/oauth/logout/**","/oauth/css/**","/oauth/fonts/**").permitAll() +// // 智能音箱控制器由资源服务器管理 +// .antMatchers("/oauth/speaker/**").permitAll() +// .anyRequest().authenticated() +// .and() +// .formLogin() +// .loginPage("/oauth/login") +// .permitAll() +// .and() +// .logout().logoutUrl("/oauth/logout") +// .permitAll() /************* oauth **************************/ .and() .headers().frameOptions().disable(); diff --git a/springboot/wumei-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java b/springboot/wumei-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java index 6a934c77..c8145ac0 100644 --- a/springboot/wumei-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java +++ b/springboot/wumei-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java @@ -27,13 +27,13 @@ public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, S public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException { - if (isAjaxRequest(request)){ +// if (isAjaxRequest(request)){ int code = HttpStatus.UNAUTHORIZED; String msg = StringUtils.format("请求访问:{},认证失败,无法访问系统资源", request.getRequestURI()); ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.error(code, msg))); - }else { - response.sendRedirect("/oauth/login"); - } +// }else { +// response.sendRedirect("/oauth/login"); +// } }