Commit c74bebd2 by zhangkb

修改securityconfig校验文件

parent dc60ded3
package com.keymobile.indicators.conf; package com.keymobile.indicators.conf;
import javax.sql.DataSource; import javax.sql.DataSource;
import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
private static final String USERSQUERY = "select concat(user_name, ':', user_id, ':', user_dname), password, true \n" + private static final String USERSQUERY = "select concat(user_id, ':', id, ':', disname, ':', org_no), `password`, true from p_user where user_id = ? and `status` = '1'";
"from auth_user where user_name = ?"; private static final String ROLESQUERY = "select t1.user_id, concat(concat(\"ROLE_\", t1.author_no), ':', GROUP_CONCAT(COALESCE(t2.domain_id, '*'))) as role_name\n" +
private static final String ROLESQUERY = "select t1.user_name, concat(concat('ROLE_', t1.author_name), ':', GROUP_CONCAT(COALESCE(t2.domain_id, '*'))) as role_name \n" + " from \n" +
"from \n" + " (select user.user_id, author.author_no\n" +
" (select a.user_name, d.author_name\n" + " from p_user AS user, p_user_role AS ur, p_author_role AS ar, p_author AS author\n" +
" from auth_user a, auth_user_roles b, auth_role_authors c, auth_author d\n" + " where user.user_id = ur.user_id AND ur.role_id = ar.role_id AND ar.author_id = author.author_id\n" +
" where a.user_id = b.user_id and b.role_id = c.role_id and c.author_id = d.author_id\n" + " and user.user_id = substring_index(?, \":\", 1)) t1\n" +
" and a.user_name = substring_index(?, ':', 1)) t1\n" + " left join\n" +
" left join\n" + " (select user.user_id, domain.domain_id\n" +
" (select a.user_name, c.domain_id\n" + " from p_user user, p_user_domain ud, p_domain domain\n" +
" from auth_user a, auth_user_domains b, auth_domain c\n" + " where user.user_id = ud.user_id and ud.domain_id = domain.domain_id) t2\n" +
" where a.user_id = b.user_id and b.domain_id = c.domain_id) t2\n" + " on t1.user_id = t2.user_id\n" +
"on t1.user_name = t2.user_name \n" + " group by t1.author_no";
"group by t1.author_name";
@Value("${security.permit}")
@Value("${security.permit}") private boolean permit;
private boolean permit;
@Autowired
@Autowired private DataSource dataSource;
private DataSource dataSource;
@Autowired
@Autowired @Override
@Override public void configure(AuthenticationManagerBuilder auth) throws Exception {
public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication().usersByUsernameQuery(USERSQUERY).authoritiesByUsernameQuery(ROLESQUERY)
// auth.jdbcAuthentication().usersByUsernameQuery(USERSQUERY).authoritiesByUsernameQuery(ROLESQUERY) .dataSource(dataSource).passwordEncoder(new SHA1PasswordEncoder());
// .dataSource(dataSource).passwordEncoder(new SHA1PasswordEncoder()); }
}
@Override
@Override protected void configure(HttpSecurity http) throws Exception {
protected void configure(HttpSecurity http) throws Exception { if (permit) {
if (permit) { http.httpBasic().and().authorizeRequests().anyRequest().permitAll();
http.httpBasic().and().authorizeRequests().anyRequest().permitAll(); }
} else {
else { http.httpBasic().and().authorizeRequests().anyRequest().authenticated();
http.httpBasic().and().authorizeRequests().anyRequest().authenticated(); }
}
http.headers().frameOptions().disable();
http.headers().frameOptions().disable(); http.csrf().disable();
http.csrf().disable(); }
}
class SHA1PasswordEncoder implements PasswordEncoder {
class SHA1PasswordEncoder implements PasswordEncoder { @Override
@Override public String encode(CharSequence charSequence) {
public String encode(CharSequence charSequence) { return DigestUtils.sha1Hex(charSequence.toString());
return DigestUtils.sha1Hex(charSequence.toString()); }
}
@Override
@Override public boolean matches(CharSequence charSequence, String s) {
public boolean matches(CharSequence charSequence, String s) { return DigestUtils.sha1Hex(charSequence.toString()).equals(s);
return DigestUtils.sha1Hex(charSequence.toString()).equals(s); }
} }
} }
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment