码迷,mamicode.com
首页 > Web开发 > 详细

WebSecurityConfigurerAdapter

时间:2016-10-26 00:50:56      阅读:293      评论:0      收藏:0      [点我收藏+]

标签:require   开启   any   问控制   key   resources   div   created   pass   

  1 /**
  2  * Created by Athos on 2016-10-16.
  3  */
  4 @Configuration
  5 @EnableWebSecurity
  6 @EnableGlobalMethodSecurity(prePostEnabled = true)
  7 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  8 
  9     @Resource
 10     private UserDetailsService userDetailsService;
 11 
 12     @Resource
 13     private MySecurityMetadataSource mySecurityMetadataSource;
 14 
 15     @Override
 16     protected void configure(HttpSecurity http) throws Exception {
 17 
 18         http.addFilterAfter(MyUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
 19         // 开启默认登录页面
 20         http.authorizeRequests().anyRequest().authenticated().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
 21             public <O extends FilterSecurityInterceptor> O postProcess(
 22                     O fsi) {
 23                 fsi.setSecurityMetadataSource(mySecurityMetadataSource);
 24                 fsi.setAccessDecisionManager(accessDecisionManager());
 25                 fsi.setAuthenticationManager(authenticationManagerBean());
 26                 return fsi;
 27             }
 28         }).and().exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login.html")).and().logout()
 29                 .logoutSuccessUrl("/index.html").permitAll();
 30         // 自定义accessDecisionManager访问控制器,并开启表达式语言
 31         http.exceptionHandling().accessDeniedHandler(accessDeniedHandler())
 32                 .and().authorizeRequests().anyRequest().authenticated().expressionHandler(webSecurityExpressionHandler());
 33 
 34         // 自定义登录页面
 35         http.csrf().disable();
 36 
 37         // 自定义注销
 38 //        http.logout().logoutUrl("/logout").logoutSuccessUrl("/login")
 39 //                .invalidateHttpSession(true);
 40 
 41         // session管理
 42         http.sessionManagement().maximumSessions(1);
 43 
 44         // RemeberMe
 45 //        http.rememberMe().key("webmvc#FD637E6D9C0F1A5A67082AF56CE32485");
 46 
 47     }
 48 
 49     @Override
 50     protected void configure(AuthenticationManagerBuilder auth)
 51             throws Exception {
 52         // 自定义UserDetailsService
 53         auth.userDetailsService(userDetailsService);
 54     }
 55 
 56     @Bean
 57     UsernamePasswordAuthenticationFilter MyUsernamePasswordAuthenticationFilter(){
 58         UsernamePasswordAuthenticationFilter myUsernamePasswordAuthenticationFilter = new UsernamePasswordAuthenticationFilter();
 59         myUsernamePasswordAuthenticationFilter.setPostOnly(true);
 60         myUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
 61         myUsernamePasswordAuthenticationFilter.setUsernameParameter("name_key");
 62         myUsernamePasswordAuthenticationFilter.setPasswordParameter("pwd_key");
 63         myUsernamePasswordAuthenticationFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));
 64         myUsernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(simpleUrlAuthenticationFailureHandler());
 65         return myUsernamePasswordAuthenticationFilter;
 66     }
 67 
 68     @Bean
 69     AccessDeniedHandler accessDeniedHandler(){
 70         AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();
 71         accessDeniedHandler.setErrorPage("/securityException/accessDenied");
 72         return accessDeniedHandler;
 73     }
 74 
 75     @Bean
 76     public LoggerListener loggerListener() {
 77         System.out.println("org.springframework.security.authentication.event.LoggerListener");
 78         return new LoggerListener();
 79     }
 80 
 81     @Bean
 82     public org.springframework.security.access.event.LoggerListener eventLoggerListener() {
 83         System.out.println("org.springframework.security.access.event.LoggerListener");
 84         return new org.springframework.security.access.event.LoggerListener();
 85     }
 86 
 87     /*
 88      *
 89      * 这里可以增加自定义的投票器
 90      */
 91     @Bean(name = "accessDecisionManager")
 92     public AccessDecisionManager accessDecisionManager() {
 93         List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList();
 94         decisionVoters.add(new RoleVoter());
 95         decisionVoters.add(new AuthenticatedVoter());
 96         decisionVoters.add(webExpressionVoter());// 启用表达式投票器
 97         MyAccessDecisionManager accessDecisionManager =  new MyAccessDecisionManager(decisionVoters);
 98         return accessDecisionManager;
 99     }
100 
101     @Bean(name = "authenticationManager")
102     @Override
103     public AuthenticationManager authenticationManagerBean(){
104         AuthenticationManager authenticationManager = null;
105         try {
106             authenticationManager = super.authenticationManagerBean();
107         } catch (Exception e) {
108             e.printStackTrace();
109         }
110         return authenticationManager;
111     }
112 
113 
114     @Bean(name = "failureHandler")
115     public SimpleUrlAuthenticationFailureHandler simpleUrlAuthenticationFailureHandler(){
116         return  new SimpleUrlAuthenticationFailureHandler("/getLoginError");
117     }
118 
119     @Bean(name = "aclResourcesService")
120     @ConditionalOnMissingBean
121     public AclResourcesService aclResourcesService(){
122         return new AclResourcesServiceImpl();
123     }
124 
125     /*
126      * 表达式控制器
127      */
128     @Bean(name = "expressionHandler")
129     public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler() {
130         DefaultWebSecurityExpressionHandler webSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
131         return webSecurityExpressionHandler;
132     }
133 
134     /*
135      * 表达式投票器
136      */
137     @Bean(name = "expressionVoter")
138     public WebExpressionVoter webExpressionVoter() {
139         WebExpressionVoter webExpressionVoter = new WebExpressionVoter();
140         webExpressionVoter.setExpressionHandler(webSecurityExpressionHandler());
141         return webExpressionVoter;
142     }
143 
144 }

 

WebSecurityConfigurerAdapter

标签:require   开启   any   问控制   key   resources   div   created   pass   

原文地址:http://www.cnblogs.com/sweetchildomine/p/5998659.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!