|
@@ -19,9 +19,11 @@ import org.springframework.security.cas.web.CasAuthenticationFilter;
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
|
|
+import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
|
import org.springframework.security.web.AuthenticationEntryPoint;
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
|
|
|
|
|
|
@Configuration
|
|
|
@EnableWebSecurity
|
|
@@ -35,6 +37,15 @@ public class WebSecurityConfig {
|
|
|
@Value("${cas.service.url}")
|
|
|
private String casServiceUrl;
|
|
|
|
|
|
+ @Value("${cas.filter.url}")
|
|
|
+ private String casFilterUrl;
|
|
|
+
|
|
|
+ @Value("${cas.target.url}")
|
|
|
+ private String casTargetUrl;
|
|
|
+
|
|
|
+ @Value("${cas.failure.url}")
|
|
|
+ private String casFailureUrl;
|
|
|
+
|
|
|
@Autowired
|
|
|
private ServletWebServerApplicationContext context;
|
|
|
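Review bot: The three new `@Value` fields (`casFilterUrl`, `casTargetUrl`, `casFailureUrl`) have no comment on the form each property must take, although the later hunk for `casAuthenticationFilter()` uses them differently: `casFilterUrl` replaces the path `/sso/login` in `setFilterProcessesUrl`, while `casTargetUrl` replaces an absolute URL ending in `?token=`. A short comment per field would help, e.g. `// path the CAS filter listens on; must match the path of cas.service.url` and `// absolute front-end URL the success handler redirects to`. The first one matters for login itself: the CAS server sends the ticket back to the service URL, so if `cas.filter.url` and `cas.service.url` are edited independently and drift apart, the filter never sees the ticket. Presumably `casServiceUrl` feeds `ServiceProperties`, which is outside this hunk, so that link should be confirmed.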
|
|
@@ -49,14 +60,15 @@ public class WebSecurityConfig {
|
|
|
private static String whiteListSplit = ",";
|
|
|
|
|
|
/**
|
|
|
- *
|
|
|
- *白名单
|
|
|
- */
|
|
|
+ *
|
|
|
+ *白名单
|
|
|
+ */
|
|
|
static {
|
|
|
whiteList.append("/test/login" + whiteListSplit);
|
|
|
whiteList.append("/subscribe/*" + whiteListSplit);
|
|
|
whiteList.append("/test/test1" + whiteListSplit);
|
|
|
}
|
|
|
+
|
|
|
@Bean
|
|
|
public WebSecurityCustomizer webSecurityCustomizer() {
|
|
|
|
|
@@ -75,8 +87,8 @@ public class WebSecurityConfig {
|
|
|
.authorizeRequests()
|
|
|
.antMatchers(whiteList.toString().split(whiteListSplit)).permitAll()
|
|
|
.anyRequest().authenticated()
|
|
|
- // .and()
|
|
|
- // .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
|
|
+ .and()
|
|
|
+ .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
|
|
.and()
|
|
|
.exceptionHandling(exceptions -> exceptions.authenticationEntryPoint(authenticationEntryPoint()))
|
|
|
.addFilter(casAuthenticationFilter())
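Review bot: With `SessionCreationPolicy.STATELESS` switched on, the authentication produced by `casAuthenticationFilter()` is no longer kept in the HTTP session, so `.anyRequest().authenticated()` can only pass for requests that are authenticated again on every call. The visible part of the chain registers only the CAS filter; if a token-validating filter is added further down (the builder chain continues outside this hunk) that is fine, otherwise every request after the login redirect is sent back to the entry point. A comment above the new lines would make the dependency explicit: `// STATELESS: no SecurityContext in the session; each request must carry the token issued after CAS login`. CAS single logout, if it is configured elsewhere, works by invalidating the mapped session, so confirm whether issued tokens need their own revocation path in this mode.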
|
|
@@ -98,13 +110,13 @@ public class WebSecurityConfig {
|
|
|
|
|
|
public CasAuthenticationFilter casAuthenticationFilter() {
|
|
|
CasAuthenticationFilter filter = new CasAuthenticationFilter();
|
|
|
- filter.setFilterProcessesUrl("/sso/login");
|
|
|
- // filter.setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy());
|
|
|
+ filter.setFilterProcessesUrl(casFilterUrl);
|
|
|
+ filter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(casFailureUrl));
|
|
|
|
|
|
CasAuthenticationProvider casAuthenticationProvider = casAuthenticationProvider(userDetailsService);
|
|
|
filter.setAuthenticationManager(new ProviderManager(casAuthenticationProvider));
|
|
|
|
|
|
- mySimpleUrlAuthenticationSuccessHandler.setDefaultTargetUrl("http://localhost:8081/#/?token=");
|
|
|
+ mySimpleUrlAuthenticationSuccessHandler.setDefaultTargetUrl(casTargetUrl);
|
|
|
filter.setAuthenticationSuccessHandler(mySimpleUrlAuthenticationSuccessHandler);
|
|
|
|
|
|
return filter;
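Review bot: `setDefaultTargetUrl(casTargetUrl)` now takes the post-login redirect target from configuration, and the literal it replaces (`http://localhost:8081/#/?token=`) suggests the success handler appends a token to that URL, so whoever sets `cas.target.url` decides where the token is delivered. The old value kept the token behind `#`, where it is not sent to the server or in `Referer`; a configured value without the fragment, or with plain `http` outside local development, would expose it to access logs and intermediaries. I would document the constraint next to the call, e.g. `// must be an https URL of our own front end; keep the token in the fragment (.../#/?token=)`, and check scheme and host once at startup so a bad property fails fast. `mySimpleUrlAuthenticationSuccessHandler` and the closing brace of the method are outside this hunk, so how the token is appended is inferred from the removed line.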
|