commit

587e67b9 · xuzhiyuan · 33071568 · 587e67b9
Commit 587e67b9 authored Oct 28, 2022 by xuzhiyuan
Hide whitespace changes
Inline Side-by-side

Showing with 71 additions and 0 deletions

SecurityConfig.java src/main/java/com/oyc/activiti/config/SecurityConfig.java +71 -0

No files found.
--- a/src/main/java/com/oyc/activiti/config/SecurityConfig.java
+++ b/src/main/java/com/oyc/activiti/config/SecurityConfig.java
+package com.oyc.activiti.config;
+
+import javax.sql.DataSource;
+
+import com.keymobile.auth.common.security.CustomizedUserDetailService;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+/**
+ * SecurityConfig.
+ * @author mahx
+ * @version 1.0
+ * @date 2019/12/27 16:55
+ */
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+@ComponentScan("com.keymobile.auth.common.security")
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    private CustomizedUserDetailService customUserDetailService;
+
+    @Autowired
+    private DataSource dataSource;
+
+    @Value("${security.permit}")
+    private boolean permit = true;
+
+    @Override
+    @Autowired
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(customUserDetailService).passwordEncoder(new SHA1PasswordEncoder());
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        if (permit) {
+            http.httpBasic().and().authorizeRequests().anyRequest().permitAll();
+        } else {
+            http.httpBasic().and().authorizeRequests().antMatchers("/actuator/**").permitAll()
+                    .and().authorizeRequests().anyRequest().authenticated();
+        }
+
+        http.csrf().disable();
+    }
+
+    class SHA1PasswordEncoder implements PasswordEncoder {
+
+        @Override
+        public String encode(CharSequence charSequence) {
+            return DigestUtils.sha1Hex(charSequence.toString());
+        }
+
+        @Override
+        public boolean matches(CharSequence charSequence, String s) {
+            return DigestUtils.sha1Hex(charSequence.toString()).equals(s);
+        }
+
+    }
+
+}