修改monitor security 配置方式解决类过期问题

2025-01-03 23:42:22 +08:00 · 2022-06-08 11:03:54 +08:00 · 2022-06-08 11:03:54 +08:00 · 13fbfd301a
commit 13fbfd301a
parent 6cebdacdae
2 changed files with 33 additions and 25 deletions
--- a/pig-common/pig-common-core/src/main/java/com/pig4cloud/pig/common/core/factory/YamlPropertySourceFactory.java
+++ b/pig-common/pig-common-core/src/main/java/com/pig4cloud/pig/common/core/factory/YamlPropertySourceFactory.java
@ -35,8 +35,9 @@ public class YamlPropertySourceFactory implements PropertySourceFactory {
 		}
 		catch (IllegalStateException e) {
 			Throwable cause = e.getCause();
-			if (cause instanceof FileNotFoundException)
+			if (cause instanceof FileNotFoundException) {
 				throw (FileNotFoundException) e.getCause();
 			}
 			throw e;
 		}
 	}
--- a/pig-visual/pig-monitor/src/main/java/com/pig4cloud/pig/monitor/config/WebSecurityConfigurer.java
+++ b/pig-visual/pig-monitor/src/main/java/com/pig4cloud/pig/monitor/config/WebSecurityConfigurer.java
@ -18,9 +18,13 @@ package com.pig4cloud.pig.monitor.config;
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 import lombok.SneakyThrows;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 /**
@ -29,8 +33,8 @@ import org.springframework.security.web.authentication.SavedRequestAwareAuthenti
 * @author lishangbu
 * @date 2019/2/1
 */
-@Configuration(proxyBeanMethods = false)
+@EnableWebSecurity
-public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
+public class WebSecurityConfigurer{
 	private final String adminContextPath;
@ -38,32 +42,35 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 		this.adminContextPath = adminServerProperties.getContextPath();
 	}
-	@Override
+	/**
-	@SneakyThrows
+	 * spring security 默认的安全策略
-	protected void configure(HttpSecurity http) {
+	 * @param http security注入点
-		// @formatter:off
+	 * @return SecurityFilterChain
 	 * @throws Exception
 	 */
 	@Bean
 	SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
 		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
 		successHandler.setTargetUrlParameter("redirectTo");
 		successHandler.setDefaultTargetUrl(adminContextPath + "/");
 		http
-			.headers().frameOptions().disable()
+				.headers().frameOptions().disable()
-			.and().authorizeRequests()
+				.and().authorizeRequests()
-			.antMatchers(adminContextPath + "/assets/**"
+				.antMatchers(adminContextPath + "/assets/**"
-				, adminContextPath + "/login"
+						, adminContextPath + "/login"
-				, adminContextPath + "/instances/**"
+						, adminContextPath + "/instances/**"
-				, adminContextPath + "/actuator/**"
+						, adminContextPath + "/actuator/**"
-			).permitAll()
+				).permitAll()
-			.anyRequest().authenticated()
+				.anyRequest().authenticated()
-			.and()
+				.and()
-			.formLogin().loginPage(adminContextPath + "/login")
+				.formLogin().loginPage(adminContextPath + "/login")
-			.successHandler(successHandler).and()
+				.successHandler(successHandler).and()
-			.logout().logoutUrl(adminContextPath + "/logout")
+				.logout().logoutUrl(adminContextPath + "/logout")
-			.and()
+				.and()
-			.httpBasic().and()
+				.httpBasic().and()
-			.csrf()
+				.csrf()
-			.disable();
+				.disable();
-		// @formatter:on
+		return http.build();
 	}
 }