Commit c74bebd2 by zhangkb

修改securityconfig校验文件

parent dc60ded3
...@@ -18,20 +18,19 @@ import org.springframework.security.crypto.password.PasswordEncoder; ...@@ -18,20 +18,19 @@ import org.springframework.security.crypto.password.PasswordEncoder;
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
private static final String USERSQUERY = "select concat(user_name, ':', user_id, ':', user_dname), password, true \n" + private static final String USERSQUERY = "select concat(user_id, ':', id, ':', disname, ':', org_no), `password`, true from p_user where user_id = ? and `status` = '1'";
"from auth_user where user_name = ?"; private static final String ROLESQUERY = "select t1.user_id, concat(concat(\"ROLE_\", t1.author_no), ':', GROUP_CONCAT(COALESCE(t2.domain_id, '*'))) as role_name\n" +
private static final String ROLESQUERY = "select t1.user_name, concat(concat('ROLE_', t1.author_name), ':', GROUP_CONCAT(COALESCE(t2.domain_id, '*'))) as role_name \n" + " from \n" +
"from \n" + " (select user.user_id, author.author_no\n" +
" (select a.user_name, d.author_name\n" + " from p_user AS user, p_user_role AS ur, p_author_role AS ar, p_author AS author\n" +
" from auth_user a, auth_user_roles b, auth_role_authors c, auth_author d\n" + " where user.user_id = ur.user_id AND ur.role_id = ar.role_id AND ar.author_id = author.author_id\n" +
" where a.user_id = b.user_id and b.role_id = c.role_id and c.author_id = d.author_id\n" + " and user.user_id = substring_index(?, \":\", 1)) t1\n" +
" and a.user_name = substring_index(?, ':', 1)) t1\n" +
" left join\n" + " left join\n" +
" (select a.user_name, c.domain_id\n" + " (select user.user_id, domain.domain_id\n" +
" from auth_user a, auth_user_domains b, auth_domain c\n" + " from p_user user, p_user_domain ud, p_domain domain\n" +
" where a.user_id = b.user_id and b.domain_id = c.domain_id) t2\n" + " where user.user_id = ud.user_id and ud.domain_id = domain.domain_id) t2\n" +
"on t1.user_name = t2.user_name \n" + " on t1.user_id = t2.user_id\n" +
"group by t1.author_name"; " group by t1.author_no";
@Value("${security.permit}") @Value("${security.permit}")
private boolean permit; private boolean permit;
...@@ -42,8 +41,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -42,8 +41,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired @Autowired
@Override @Override
public void configure(AuthenticationManagerBuilder auth) throws Exception { public void configure(AuthenticationManagerBuilder auth) throws Exception {
// auth.jdbcAuthentication().usersByUsernameQuery(USERSQUERY).authoritiesByUsernameQuery(ROLESQUERY) auth.jdbcAuthentication().usersByUsernameQuery(USERSQUERY).authoritiesByUsernameQuery(ROLESQUERY)
// .dataSource(dataSource).passwordEncoder(new SHA1PasswordEncoder()); .dataSource(dataSource).passwordEncoder(new SHA1PasswordEncoder());
} }
@Override @Override
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment