java source code of SecurityConfig

RuoYi-Vue-master
- ruoyi-ui
  - .eslintignore
  - src
    - layout
      - mixin
        ResizeHandler.js
      - components
        Settings
        index.vue
        AppMain.vue
        Navbar.vue
        TagsView
        ScrollPane.vue
        index.vue
        Sidebar
        FixiOSBug.js
        Link.vue
        SidebarItem.vue
        Item.vue
        index.vue
        Logo.vue
        index.js
      - index.vue
    - utils
      - auth.js
      - permission.js
      - errorCode.js
      - zipdownload.js
      - ruoyi.js
      - request.js
      - validate.js
      - jsencrypt.js
      - scroll-to.js
      - generator
        html.js
        css.js
        js.js
        icon.json
        config.js
        render.js
        drawingDefalut.js
      - index.js
    - views
      - login.vue
      - tool
        build
        IconsDialog.vue
        CodeTypeDialog.vue
        DraggableItem.vue
        TreeNodeDialog.vue
        index.vue
        RightPanel.vue
        swagger
        index.vue
        gen
        basicInfoForm.vue
        genInfoForm.vue
        editTable.vue
        index.vue
        importTable.vue
      - error
        401.vue
        404.vue
      - components
        icons
        element-icons.js
        svg-icons.js
        index.vue
      - monitor
        logininfor
        index.vue
        online
        index.vue
        druid
        index.vue
        job
        log.vue
        index.vue
        operlog
        index.vue
        server
        index.vue
      - redirect.vue
      - index.vue
      - system
        user
        index.vue
        profile
        resetPwd.vue
        userInfo.vue
        index.vue
        userAvatar.vue
        post
        index.vue
        menu
        index.vue
        log
        index.vue
        config
        index.vue
        dept
        index.vue
        dict
        data.vue
        index.vue
        role
        index.vue
        notice
        index.vue
      - dashboard
        PieChart.vue
        PanelGroup.vue
        RaddarChart.vue
        BarChart.vue
        LineChart.vue
        mixins
        resize.js
    - permission.js
    - api
      - tool
        gen.js
      - login.js
      - monitor
        online.js
        operlog.js
        job.js
        server.js
        jobLog.js
        logininfor.js
      - system
        post.js
        dict
        type.js
        data.js
        config.js
        role.js
        dept.js
        user.js
        notice.js
        menu.js
      - menu.js
    - main.js
    - router
      - index.js
    - components
      - RuoYi
        Git
        index.vue
        Doc
        index.vue
      - ThemePicker
        index.vue
      - PanThumb
        index.vue
      - Hamburger
        index.vue
      - HeaderSearch
        index.vue
      - RightPanel
        index.vue
      - Editor
        index.vue
      - Pagination
        index.vue
      - IconSelect
        index.vue
        requireIcons.js
      - SizeSelect
        index.vue
      - SvgIcon
        index.vue
      - Screenfull
        index.vue
      - Breadcrumb
        index.vue
    - settings.js
    - store
      - getters.js
      - modules
        permission.js
        app.js
        settings.js
        tagsView.js
        user.js
      - index.js
    - directive
      - permission
        hasRole.js
        hasPermi.js
        index.js
    - App.vue
    - assets
      - icons
        svg
        log.svg
        question.svg
        search.svg
        post.svg
        input.svg
        druid.svg
        table.svg
        switch.svg
        education.svg
        form.svg
        link.svg
        icon.svg
        guide.svg
        tree-table.svg
        star.svg
        people.svg
        message.svg
        theme.svg
        download.svg
        fullscreen.svg
        zip.svg
        code.svg
        tab.svg
        qq.svg
        list.svg
        chart.svg
        skill.svg
        phone.svg
        job.svg
        swagger.svg
        eye-open.svg
        edit.svg
        email.svg
        github.svg
        language.svg
        row.svg
        system.svg
        validCode.svg
        rate.svg
        documentation.svg
        number.svg
        peoples.svg
        date.svg
        build.svg
        nested.svg
        clipboard.svg
        dict.svg
        wechat.svg
        slider.svg
        logininfor.svg
        exit-fullscreen.svg
        time-range.svg
        checkbox.svg
        select.svg
        password.svg
        textarea.svg
        404.svg
        server.svg
        bug.svg
        color.svg
        date-range.svg
        tree.svg
        international.svg
        radio.svg
        drag.svg
        money.svg
        time.svg
        cascader.svg
        example.svg
        monitor.svg
        upload.svg
        user.svg
        dashboard.svg
        tool.svg
        online.svg
        lock.svg
        shopping.svg
        excel.svg
        pdf.svg
        eye.svg
        size.svg
        component.svg
        svgo.yml
        index.js
      - logo
      - 401_images
        401.gif
      - 404_images
      - styles
        sidebar.scss
        element-variables.scss
        element-ui.scss
        index.scss
        transition.scss
        btn.scss
        ruoyi.scss
        mixin.scss
        variables.scss
      - image
        profile.jpg
  - .env.development
  - .env.staging
  - build
    - index.js
  - public
    - robots.txt
    - favicon.ico
    - index.html
  - .editorconfig
  - babel.config.js
  - vue.config.js
  - README.md
  - package.json
  - bin
    - package.bat
    - build.bat
    - run-web.bat
  - .eslintrc.js
  - .env.production
  - .gitignore
- LICENSE
- ruoyi
  - sql
    - quartz.sql
    - ry_20200629.sql
  - src
    - main
      - resources
        application.yml
        vm
        sql
        sql.vm
        xml
        mapper.xml.vm
        vue
        index-tree.vue.vm
        index.vue.vm
        java
        domain.java.vm
        service.java.vm
        controller.java.vm
        serviceImpl.java.vm
        mapper.java.vm
        js
        api.js.vm
        logback.xml
        i18n
        messages.properties
        application-druid.yml
        META-INF
        spring-devtools.properties
        mybatis
        tool
        GenTableColumnMapper.xml
        GenTableMapper.xml
        monitor
        SysOperLogMapper.xml
        SysLogininforMapper.xml
        system
        SysDictTypeMapper.xml
        SysJobMapper.xml
        SysConfigMapper.xml
        SysDeptMapper.xml
        SysDictDataMapper.xml
        SysPostMapper.xml
        SysRoleDeptMapper.xml
        SysUserRoleMapper.xml
        SysUserPostMapper.xml
        SysJobLogMapper.xml
        SysRoleMenuMapper.xml
        SysNoticeMapper.xml
        SysMenuMapper.xml
        SysRoleMapper.xml
        SysUserMapper.xml
        mybatis-config.xml
        banner.txt
      - java
        com
        ruoyi
        RuoYiApplication.java
        common
        utils
        sql
        SqlUtil.java
        security
        Md5Utils.java
        sign
        Base64.java
        poi
        ExcelUtil.java
        reflect
        ReflectUtils.java
        spring
        SpringUtils.java
        html
        EscapeUtil.java
        HTMLFilter.java
        Threads.java
        Arith.java
        VerifyCodeUtils.java
        SecurityUtils.java
        DictUtils.java
        job
        CronUtils.java
        AbstractQuartzJob.java
        ScheduleUtils.java
        QuartzJobExecution.java
        QuartzDisallowConcurrentExecution.java
        JobInvokeUtil.java
        file
        FileUploadUtils.java
        FileUtils.java
        MimeTypeUtils.java
        DateUtils.java
        ServletUtils.java
        http
        HttpUtils.java
        HttpHelper.java
        IdUtils.java
        ExceptionUtil.java
        ip
        AddressUtils.java
        IpUtils.java
        LogUtils.java
        bean
        BeanUtils.java
        MessageUtils.java
        StringUtils.java
        enums
        UserStatus.java
        HttpMethod.java
        constant
        GenConstants.java
        UserConstants.java
        Constants.java
        ScheduleConstants.java
        HttpStatus.java
        exception
        user
        CaptchaExpireException.java
        UserException.java
        CaptchaException.java
        UserPasswordNotMatchException.java
        job
        TaskException.java
        DemoModeException.java
        UtilException.java
        file
        FileNameLengthLimitExceededException.java
        InvalidExtensionException.java
        FileSizeLimitExceededException.java
        FileException.java
        CustomException.java
        BaseException.java
        core
        lang
        UUID.java
        text
        Convert.java
        StrFormatter.java
        CharsetKit.java
        filter
        XssHttpServletRequestWrapper.java
        RepeatedlyRequestWrapper.java
        XssFilter.java
        RepeatableFilter.java
        project
        tool
        swagger
        TestController.java
        gen
        util
        VelocityInitializer.java
        VelocityUtils.java
        GenUtils.java
        service
        IGenTableColumnService.java
        GenTableServiceImpl.java
        GenTableColumnServiceImpl.java
        IGenTableService.java
        domain
        GenTable.java
        GenTableColumn.java
        mapper
        GenTableColumnMapper.java
        GenTableMapper.java
        controller
        GenController.java
        common
        CaptchaController.java
        CommonController.java
        monitor
        service
        impl
        SysLogininforServiceImpl.java
        SysJobServiceImpl.java
        SysJobLogServiceImpl.java
        SysOperLogServiceImpl.java
        ISysJobLogService.java
        ISysJobService.java
        ISysOperLogService.java
        ISysLogininforService.java
        domain
        SysOperLog.java
        SysUserOnline.java
        SysJob.java
        SysJobLog.java
        SysLogininfor.java
        mapper
        SysOperLogMapper.java
        SysLogininforMapper.java
        SysJobMapper.java
        SysJobLogMapper.java
        controller
        SysLogininforController.java
        SysOperlogController.java
        SysJobController.java
        ServerController.java
        SysJobLogController.java
        SysUserOnlineController.java
        system
        service
        impl
        SysDictTypeServiceImpl.java
        SysDictDataServiceImpl.java
        SysUserOnlineServiceImpl.java
        SysNoticeServiceImpl.java
        SysRoleServiceImpl.java
        SysDeptServiceImpl.java
        SysPostServiceImpl.java
        SysConfigServiceImpl.java
        SysMenuServiceImpl.java
        SysUserServiceImpl.java
        ISysDeptService.java
        ISysNoticeService.java
        ISysUserOnlineService.java
        ISysConfigService.java
        ISysRoleService.java
        ISysDictDataService.java
        ISysMenuService.java
        ISysUserService.java
        ISysDictTypeService.java
        ISysPostService.java
        domain
        vo
        MetaVo.java
        RouterVo.java
        SysRoleDept.java
        SysNotice.java
        SysMenu.java
        SysConfig.java
        SysRole.java
        SysRoleMenu.java
        SysUserPost.java
        SysPost.java
        SysDictData.java
        SysDept.java
        SysDictType.java
        SysUserRole.java
        SysUser.java
        mapper
        SysMenuMapper.java
        SysRoleMapper.java
        SysRoleDeptMapper.java
        SysUserPostMapper.java
        SysPostMapper.java
        SysRoleMenuMapper.java
        SysUserMapper.java
        SysConfigMapper.java
        SysDeptMapper.java
        SysNoticeMapper.java
        SysDictDataMapper.java
        SysUserRoleMapper.java
        SysDictTypeMapper.java
        controller
        SysProfileController.java
        SysPostController.java
        SysDeptController.java
        SysUserController.java
        SysDictTypeController.java
        SysConfigController.java
        SysLoginController.java
        SysMenuController.java
        SysRoleController.java
        SysDictDataController.java
        SysNoticeController.java
        framework
        security
        LoginUser.java
        service
        SysPermissionService.java
        UserDetailsServiceImpl.java
        SysLoginService.java
        TokenService.java
        PermissionService.java
        handle
        LogoutSuccessHandlerImpl.java
        AuthenticationEntryPointImpl.java
        LoginBody.java
        filter
        JwtAuthenticationTokenFilter.java
        redis
        RedisCache.java
        web
        page
        PageDomain.java
        TableDataInfo.java
        TableSupport.java
        exception
        GlobalExceptionHandler.java
        domain
        Server.java
        TreeSelect.java
        TreeEntity.java
        server
        Jvm.java
        Mem.java
        Cpu.java
        Sys.java
        SysFile.java
        AjaxResult.java
        BaseEntity.java
        controller
        BaseController.java
        task
        RyTask.java
        config
        ApplicationConfig.java
        SwaggerConfig.java
        ScheduleConfig.java
        ResourcesConfig.java
        properties
        DruidProperties.java
        GenConfig.java
        FilterConfig.java
        DruidConfig.java
        ThreadPoolConfig.java
        RedisConfig.java
        SecurityConfig.java
        RuoYiConfig.java
        FastJson2JsonRedisSerializer.java
        MyBatisConfig.java
        ServerConfig.java
        datasource
        DynamicDataSourceContextHolder.java
        DynamicDataSource.java
        interceptor
        impl
        SameUrlDataInterceptor.java
        annotation
        RepeatSubmit.java
        RepeatSubmitInterceptor.java
        manager
        AsyncManager.java
        ShutdownManager.java
        factory
        AsyncFactory.java
        aspectj
        DataSourceAspect.java
        lang
        enums
        BusinessStatus.java
        OperatorType.java
        BusinessType.java
        DataSourceType.java
        annotation
        Log.java
        DataScope.java
        DataSource.java
        Excel.java
        Excels.java
        DataScopeAspect.java
        LogAspect.java
        RuoYiServletInitializer.java
  - pom.xml
  - bin
    - package.bat
    - clean.bat
    - run-tomcat.bat
  - ry.sh
  - .gitignore
- README.md

package com.ruoyi.framework.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;
import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;
import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;

/**
 * spring security配置
 * 
 * @author ruoyi
 */
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
    /**
     * 自定义用户认证逻辑
     */
    @Autowired
    private UserDetailsService userDetailsService;
    
    /**
     * 认证失败处理类
     */
    @Autowired
    private AuthenticationEntryPointImpl unauthorizedHandler;

    /**
     * 退出处理类
     */
    @Autowired
    private LogoutSuccessHandlerImpl logoutSuccessHandler;

    /**
     * token认证过滤器
     */
    @Autowired
    private JwtAuthenticationTokenFilter authenticationTokenFilter;
    
    /**
     * 解决 无法直接注入 AuthenticationManager
     *
     * @return
     * @throws Exception
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception
    {
        return super.authenticationManagerBean();
    }

    /**
     * anyRequest          |   匹配所有请求路径
     * access              |   SpringEl表达式结果为true时可以访问
     * anonymous           |   匿名可以访问
     * denyAll             |   用户不能访问
     * fullyAuthenticated  |   用户完全认证可以访问（非remember-me下自动登录）
     * hasAnyAuthority     |   如果有参数，参数表示权限，则其中任何一个权限可以访问
     * hasAnyRole          |   如果有参数，参数表示角色，则其中任何一个角色可以访问
     * hasAuthority        |   如果有参数，参数表示权限，则其权限可以访问
     * hasIpAddress        |   如果有参数，参数表示IP地址，如果用户IP和参数匹配，则可以访问
     * hasRole             |   如果有参数，参数表示角色，则其角色可以访问
     * permitAll           |   用户可以任意访问
     * rememberMe          |   允许通过remember-me登录的用户访问
     * authenticated       |   用户登录后可访问
     */
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception
    {
        httpSecurity
                // CRSF禁用，因为不使用session
                .csrf().disable()
                // 认证失败处理类
                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
                // 基于token，所以不需要session
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                // 过滤请求
                .authorizeRequests()
                // 对于登录login 验证码captchaImage 允许匿名访问
                .antMatchers("/login", "/captchaImage").anonymous()
                .antMatchers(
                        HttpMethod.GET,
                        "/*.html",
                        "/**/*.html",
                        "/**/*.css",
                        "/**/*.js"
                ).permitAll()
                .antMatchers("/profile/**").anonymous()
                .antMatchers("/common/download**").anonymous()
                .antMatchers("/common/download/resource**").anonymous()
                .antMatchers("/swagger-ui.html").anonymous()
                .antMatchers("/swagger-resources/**").anonymous()
                .antMatchers("/webjars/**").anonymous()
                .antMatchers("/*/api-docs").anonymous()
                .antMatchers("/druid/**").anonymous()
                // 除上面外的所有请求全部需要鉴权认证
                .anyRequest().authenticated()
                .and()
                .headers().frameOptions().disable();
        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
        // 添加JWT filter
        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
    }

    
    /**
     * 强散列哈希加密实现
     */
    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder()
    {
        return new BCryptPasswordEncoder();
    }

    /**
     * 身份认证接口
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception
    {
        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
    }
}