| 12345678910111213141516171819202122232425262728293031323334353637383940414243 |
- package com.ym.mec.teacher.config;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
- import com.ym.mec.common.security.BaseAccessDeniedHandler;
- import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
- @Configuration
- @EnableResourceServer
- @EnableGlobalMethodSecurity(prePostEnabled = true)
- public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
- @Autowired
- private BaseAccessDeniedHandler baseAccessDeniedHandler;
- @Autowired
- private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http.csrf()
- .disable()
- .exceptionHandling()
- .accessDeniedHandler(baseAccessDeniedHandler)
- .authenticationEntryPoint(baseAuthenticationEntryPoint)
- .and()
- .authorizeRequests()
- .antMatchers("/v2/api-docs", "/code/*", "/teacher/queryStudentApply", "/teacher/querySubByMusicGroupId", "/studentRegistration/updateSubject",
- "/studyReport/createEvaluate", "/teacherOrder/*","/teacher/getRegisterOrPreList").permitAll().anyRequest().authenticated().and().httpBasic();
- }
- @Override
- public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
- resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
- }
- }
|
