!203 WebSecurityConfigurerAdapter 在Spring Security 5.7过时

Merge pull request !203 from 板砖/master
2 years ago · 912f607062
1 changed files with 25 additions and 23 deletions
--- a/ruoyi-visual/ruoyi-monitor/src/main/java/com/ruoyi/modules/monitor/config/WebSecurityConfigurer.java
+++ b/ruoyi-visual/ruoyi-monitor/src/main/java/com/ruoyi/modules/monitor/config/WebSecurityConfigurer.java
@ -1,9 +1,10 @@
 package com.ruoyi.modules.monitor.config;
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 /**
@ -11,8 +12,8 @@ import org.springframework.security.web.authentication.SavedRequestAwareAuthenti
 * 
 * @author ruoyi
 */
-@Configuration
+@EnableWebSecurity
-public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter
+public class WebSecurityConfigurer
 {
    private final String adminContextPath;
@ -21,29 +22,30 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter
        this.adminContextPath = adminServerProperties.getContextPath();
    }
-    @Override
+    @Bean
-    protected void configure(HttpSecurity http) throws Exception
+    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception
    {
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");
-        http
+        return httpSecurity
-            .headers().frameOptions().disable()
+                .headers().frameOptions().disable()
-            .and().authorizeRequests()
+                .and().authorizeRequests()
-            .antMatchers(adminContextPath + "/assets/**"
+                .antMatchers(adminContextPath + "/assets/**"
-                , adminContextPath + "/login"
+                        , adminContextPath + "/login"
-                , adminContextPath + "/actuator/**"
+                        , adminContextPath + "/actuator/**"
-                , adminContextPath + "/instances/**"
+                        , adminContextPath + "/instances/**"
-            ).permitAll()
+                ).permitAll()
-            .anyRequest().authenticated()
+                .anyRequest().authenticated()
-            .and()
+                .and()
-            .formLogin().loginPage(adminContextPath + "/login")
+                .formLogin().loginPage(adminContextPath + "/login")
-            .successHandler(successHandler).and()
+                .successHandler(successHandler).and()
-            .logout().logoutUrl(adminContextPath + "/logout")
+                .logout().logoutUrl(adminContextPath + "/logout")
-            .and()
+                .and()
-            .httpBasic().and()
+                .httpBasic().and()
-            .csrf()
+                .csrf()
-            .disable();
+                .disable()
                .build();
    }
 }