
Example 1 with CsrfTokenResponseHeaderBindingFilter

Use of com.allanditzel.springframework.security.web.csrf.CsrfTokenResponseHeaderBindingFilter in the project mzzb-server by mingzuozhibi.

Class SecurityConfig, method configure.

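protected void configure(HttpSecurity http) throws Exception {
    // Authorization rules are matched in order; the first matching rule wins.
    http.authorizeRequests()
            .antMatchers("/api/session/**").permitAll()
            // Every GET request is public, including GET requests under /api/**.
            .antMatchers(HttpMethod.GET).permitAll()
            .antMatchers("/api/**").hasRole("BASIC")
        .and().anonymous().principal("Guest").authorities("NONE")
        .and().exceptionHandling()
            .accessDeniedHandler(customAccessDeniedHandler)
            .authenticationEntryPoint(customAccessDeniedHandler)
        // CSRF protection is skipped for the session and management endpoints.
        .and().csrf()
            .ignoringAntMatchers("/api/session/**")
            .ignoringAntMatchers("/management/**")
        // Runs after CsrfFilter and copies the CSRF token into response headers.
        .and().addFilterAfter(new CsrfTokenResponseHeaderBindingFilter(), CsrfFilter.class);
    Logger logger = LoggerFactory.getLogger(SecurityConfig.class);
    logger.info("设置Security安全策略"); // "Setting the Security policy"
    // On startup, make sure the "admin" account exists and matches the configured password.
    dao.execute(session -> {
        // PassUtil is the project's own helper; it encodes the configured admin password.
        String encode = new PassUtil().encode("admin", adminPassword);
        User user = dao.lookup(User.class, "username", "admin");
        if (user == null) {
            // A newly created admin gets only ROLE_ADMIN here;
            // ROLE_BASIC is added by the else branch on a later start.
            user = new User("admin", encode, true);
            user.getRoles().add("ROLE_ADMIN");
            dao.save(user);
            logger.info("初始化管理员用户"); // "Initializing the admin user"
        } else {
            if (!encode.equals(user.getPassword())) {
                logger.info("更新管理员密码"); // "Updating the admin password"
                user.setPassword(encode);
            }
            if (!user.getRoles().contains("ROLE_BASIC")) {
                logger.info("更新管理员权限"); // "Updating the admin permissions"
                user.getRoles().add("ROLE_BASIC");
            }
            if (!user.getRoles().contains("ROLE_ADMIN")) {
                logger.info("更新管理员权限"); // "Updating the admin permissions"
                user.getRoles().add("ROLE_ADMIN");
            }
            if (!user.isEnabled()) {
                logger.info("启用管理员用户"); // "Enabling the admin user"
                user.setEnabled(true);
            }
        }
    });
}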
Also used : CsrfTokenResponseHeaderBindingFilter(com.allanditzel.springframework.security.web.csrf.CsrfTokenResponseHeaderBindingFilter) User(mingzuozhibi.persist.core.User) PassUtil(mingzuozhibi.support.PassUtil) Logger(org.slf4j.Logger)
