config相关配置。

2021-01-21 17:25:46 +08:00 · 2021-01-21 17:25:46 +08:00 · 133ce514b5
commit 133ce514b5
parent d96f205eda
1 changed files with 17 additions and 16 deletions
--- a/src/main/java/com/cm/partybuilding/config/AuthClientSecurityConfig.java
+++ b/src/main/java/com/cm/partybuilding/config/AuthClientSecurityConfig.java
@ -35,22 +35,23 @@ public class AuthClientSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
-        http.formLogin()
+        http
-            .defaultSuccessUrl("/authorize", true)
+                .formLogin()
-            .and()
+                .defaultSuccessUrl("/authorize", true)
-            .logout().logoutSuccessUrl(authServer.getOauthLogout())
+                .and()
-            .and()
+                .logout().logoutSuccessUrl(authServer.getOauthLogout())
-            .authorizeRequests().antMatchers("/app/**", "/route/file/**", "/assets/**","/resource/**").permitAll()
+                .and()
-            .and()
+                .authorizeRequests().antMatchers("/app/**","/resource/**", "/route/file/**", "/assets/**").permitAll()
-            .authorizeRequests()
+                .and()
-            .anyRequest()
+                .authorizeRequests()
-            .access("@clientRbacService.hasPermission(request, authentication)")
+                .anyRequest()
-            .and()
+                .access("@clientRbacService.hasPermission(request, authentication)")
-            .headers().frameOptions().sameOrigin()
+                .and()
-            .and()
+                .headers().frameOptions().sameOrigin()
-            .cors()
+                .and()
-            .and()
+                .cors()
-            .csrf().disable();
+                .and()
                .csrf().disable();
    }
    @Bean