重构security config

4c70c783 · linxu · 03c341ac · 4c70c783 · 4c70c783 · 4c70c783
Commit 4c70c783 authored Jan 11, 2020 by linxu
4 changed files
--- a/lib/auth-common-1.0.2-SNAPSHOT.jar
+++ b/lib/auth-common-1.0.2-SNAPSHOT.jar
--- a/pom.xml
+++ b/pom.xml
@@ -155,6 +155,13 @@
 			<version>${easypoi.version}</version>
 		</dependency>
 		<!-- 引入easypoi -->
+		<dependency>
+			<groupId>auth</groupId>
+			<artifactId>auth-common</artifactId>
+			<scope>system</scope>
+			<systemPath>${project.basedir}/lib/auth-common-1.0.2-SNAPSHOT.jar</systemPath>
+			<version>1.0.2</version>
+		</dependency>
 	</dependencies>

 	<dependencyManagement>
@@ -177,6 +184,16 @@
 	</dependencyManagement>

 	<build>
+		<resources>
+			<resource>
+				<directory>lib</directory>
+				<targetPath>BOOT-INF/lib/</targetPath>
+				<includes>
+					<include>**/*.jar</include>
+				</includes>
+			</resource>
+		</resources>
+
 		<plugins>
 			<plugin>
 				<groupId>org.springframework.boot</groupId>

--- a/src/main/java/com/keymobile/tagmanager/config/SecurityConfig.java
+++ b/src/main/java/com/keymobile/tagmanager/config/SecurityConfig.java
@@ -2,74 +2,52 @@ package com.keymobile.tagmanager.config;

 import javax.sql.DataSource;

+import com.keymobile.auth.common.security.CustomizedUserDetailService;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;

-import com.keymobile.tagmanager.service.CustomUserDetailService;
-
 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
+@ComponentScan("com.keymobile.auth.common.security")
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
-	
-	@Autowired
-	private CustomUserDetailService customUserDetailService;

-    private static final String usersQuery = "select concat(user_name, ':', user_id, ':', user_dname), password, true \n" +
-            "from auth_user where user_name = ?";
-    private static final String rolesQuery = "select t1.user_name, concat(concat('ROLE_', t1.author_name), ':', GROUP_CONCAT(COALESCE(t2.domain_id, '*'))) as role_name \n" +
-            "from \n" +
-            "  (select a.user_name, d.author_name\n" +
-            "   from auth_user a, auth_user_roles b, auth_role_authors c, auth_author d\n" +
-            "   where a.user_id = b.user_id and b.role_id = c.role_id and c.author_id = d.author_id\n" +
-            "     and a.user_name = substring_index(?, ':', 1)) t1\n" +
-            "  left join\n" +
-            "  (select a.user_name, c.domain_id\n" +
-            "   from auth_user a, auth_user_domains b, auth_domain c\n" +
-            "   where a.user_id = b.user_id and b.domain_id = c.domain_id) t2\n" +
-            "on t1.user_name = t2.user_name \n" +
-            "group by t1.author_name";

    @Autowired
-    private DataSource dataSource;
+    private CustomizedUserDetailService customUserDetailService;

    @Value("${security.permit}")
-    private boolean permit = true;
+    private boolean permit;
+
+    @Autowired
+    private DataSource dataSource;

    @Autowired
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
-    	 auth.userDetailsService(customUserDetailService).passwordEncoder(new SHA1PasswordEncoder());
-//        auth.jdbcAuthentication().usersByUsernameQuery(usersQuery).authoritiesByUsernameQuery(rolesQuery)
-//                .dataSource(dataSource).passwordEncoder(new SHA1PasswordEncoder());
+        auth.userDetailsService(customUserDetailService).passwordEncoder(new SHA1PasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        if (permit)
            http.httpBasic().and().authorizeRequests().anyRequest().permitAll();
-        else {
-            //http.httpBasic().and().authorizeRequests().anyRequest().authenticated();
-        	http.authorizeRequests()
-        	.antMatchers("/common/**").permitAll()
-            .anyRequest().authenticated()
-            .and().httpBasic();
-        }
+        else
+            http.httpBasic().and().authorizeRequests().anyRequest().authenticated();

+        http.headers().frameOptions().disable();
        http.csrf().disable();
    }
-    
-    class SHA1PasswordEncoder implements PasswordEncoder {

+    class SHA1PasswordEncoder implements PasswordEncoder {
        @Override
        public String encode(CharSequence charSequence) {
            return DigestUtils.sha1Hex(charSequence.toString());
@@ -79,7 +57,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        public boolean matches(CharSequence charSequence, String s) {
            return DigestUtils.sha1Hex(charSequence.toString()).equals(s);
        }
-
    }

 }
--- a/src/main/java/com/keymobile/tagmanager/service/CustomUserDetailService.java
+++ b/src/main/java/com/keymobile/tagmanager/service/CustomUserDetailService.java
-package com.keymobile.tagmanager.service;
-
-import java.util.List;
-import javax.annotation.PostConstruct;
-import javax.sql.DataSource;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl;
-import org.springframework.stereotype.Service;
-
-@Service
-public class CustomUserDetailService extends JdbcDaoImpl implements UserDetailsService{
-	
-	private static final String USERSQUERY = "select concat(user_name, ':', user_id, ':', user_dname), password, true \n" +
-            "from auth_user where user_name = ?";
- 
-	private static final String ROLESQUERY = "select t1.user_name, concat(concat('ROLE_', t1.author_name), ':', GROUP_CONCAT(COALESCE(t2.domain_id, '*'))) as role_name \n" +
-            "from \n" +
-            "  (select a.user_name, d.author_name\n" +
-            "   from auth_user a, auth_user_roles b, auth_role_authors c, auth_author d\n" +
-            "   where a.user_id = b.user_id and b.role_id = c.role_id and c.author_id = d.author_id\n" +
-            "     and a.user_name = substring_index(?, ':', 1)) t1\n" +
-            "  left join\n" +
-            "  (select a.user_name, c.domain_id\n" +
-            "   from auth_user a, auth_user_domains b, auth_domain c\n" +
-            "   where a.user_id = b.user_id and b.domain_id = c.domain_id) t2\n" +
-            "on t1.user_name = t2.user_name \n" +
-            "group by t1.author_name";
-	
-
-    @Autowired
-    private DataSource dataSource;
-    
-    
-    @PostConstruct
-    public void init() {
-    	this.setDataSource(dataSource);
-    	this.setUsersByUsernameQuery(USERSQUERY);
-    	this.setAuthoritiesByUsernameQuery(ROLESQUERY);
-    }
-    
-    //DATA_ROLE infomataion
-	@Override
-	protected void addCustomAuthorities(String username, List<GrantedAuthority> authorities) {
-		authorities.add(new SimpleGrantedAuthority("DATA_ROLE_1"));
-		authorities.add(new SimpleGrantedAuthority("DATA_ROLE_1"));
-	}
-	
-
-}