From 5fae0f214c47db2308933f8bde606b4240c4692d Mon Sep 17 00:00:00 2001 From: xingyu Date: Mon, 25 Sep 2023 18:31:14 +0800 Subject: [PATCH] feat: security config --- .../security/TenantSecurityWebFilter.java | 8 +++---- .../YudaoWebSecurityConfigurerAdapter.java | 24 +++++++++---------- .../swagger/config/SwaggerProperties.java | 3 +-- .../config/YudaoSwaggerAutoConfiguration.java | 6 ++++- .../config/SecurityConfiguration.java | 14 +++++------ .../src/main/resources/application-dev.yaml | 2 +- .../src/main/resources/application-local.yaml | 2 +- .../config/SecurityConfiguration.java | 22 ++++++++--------- .../config/SecurityConfiguration.java | 16 ++++++------- .../config/SecurityConfiguration.java | 16 ++++++------- .../src/main/resources/application-dev.yaml | 2 +- .../src/main/resources/application-local.yaml | 2 +- .../config/SecurityConfiguration.java | 16 ++++++------- .../config/SecurityConfiguration.java | 16 ++++++------- .../src/main/resources/application-dev.yaml | 2 +- .../src/main/resources/application-local.yaml | 12 ++++++---- 16 files changed, 84 insertions(+), 79 deletions(-) diff --git a/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java b/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java index 27c75eb88..5c5fd9e33 100644 --- a/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java +++ b/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java @@ -15,13 +15,13 @@ import cn.iocoder.yudao.framework.web.config.WebProperties; import cn.iocoder.yudao.framework.web.core.filter.ApiRequestFilter; import cn.iocoder.yudao.framework.web.core.handler.GlobalExceptionHandler; import cn.iocoder.yudao.framework.web.core.util.WebFrameworkUtils; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.springframework.util.AntPathMatcher; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Objects; diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java index d03ba3677..710fdfd35 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java @@ -5,6 +5,8 @@ import cn.iocoder.yudao.framework.security.core.filter.TokenAuthenticationFilter import cn.iocoder.yudao.framework.web.config.WebProperties; import com.google.common.collect.HashMultimap; import com.google.common.collect.Multimap; +import jakarta.annotation.Resource; +import jakarta.annotation.security.PermitAll; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; @@ -23,8 +25,6 @@ import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.mvc.method.RequestMappingInfo; import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; -import javax.annotation.Resource; -import javax.annotation.security.PermitAll; import java.util.List; import java.util.Map; import java.util.Set; @@ -117,23 +117,23 @@ public class YudaoWebSecurityConfigurerAdapter { // 设置每个请求的权限 httpSecurity // ①:全局共享规则 - .authorizeRequests() + .authorizeHttpRequests() // 1.1 静态资源,可匿名访问 - .antMatchers(HttpMethod.GET, "/*.html", "/**/*.html", "/**/*.css", "/**/*.js").permitAll() + .requestMatchers(HttpMethod.GET, "/*.html", "/**/*.html", "/**/*.css", "/**/*.js").permitAll() // 1.2 设置 @PermitAll 无需认证 - .antMatchers(HttpMethod.GET, permitAllUrls.get(HttpMethod.GET).toArray(new String[0])).permitAll() - .antMatchers(HttpMethod.POST, permitAllUrls.get(HttpMethod.POST).toArray(new String[0])).permitAll() - .antMatchers(HttpMethod.PUT, permitAllUrls.get(HttpMethod.PUT).toArray(new String[0])).permitAll() - .antMatchers(HttpMethod.DELETE, permitAllUrls.get(HttpMethod.DELETE).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.GET, permitAllUrls.get(HttpMethod.GET).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.POST, permitAllUrls.get(HttpMethod.POST).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.PUT, permitAllUrls.get(HttpMethod.PUT).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.DELETE, permitAllUrls.get(HttpMethod.DELETE).toArray(new String[0])).permitAll() // 1.3 基于 yudao.security.permit-all-urls 无需认证 - .antMatchers(securityProperties.getPermitAllUrls().toArray(new String[0])).permitAll() + .requestMatchers(securityProperties.getPermitAllUrls().toArray(new String[0])).permitAll() // 1.4 设置 App API 无需认证 - .antMatchers(buildAppApi("/**")).permitAll() + .requestMatchers(buildAppApi("/**")).permitAll() // ②:每个项目的自定义规则 - .and().authorizeRequests(registry -> // 下面,循环设置自定义规则 + .and().authorizeHttpRequests(registry -> // 下面,循环设置自定义规则 authorizeRequestsCustomizers.forEach(customizer -> customizer.customize(registry))) // ③:兜底规则,必须认证 - .authorizeRequests() + .authorizeHttpRequests() .anyRequest().authenticated() ; diff --git a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/SwaggerProperties.java b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/SwaggerProperties.java index 13a156881..aa2ad7f0a 100644 --- a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/SwaggerProperties.java +++ b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/SwaggerProperties.java @@ -1,10 +1,9 @@ package cn.iocoder.yudao.framework.swagger.config; +import jakarta.validation.constraints.NotEmpty; import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; -import javax.validation.constraints.NotEmpty; - /** * Swagger 配置属性 * diff --git a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/YudaoSwaggerAutoConfiguration.java b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/YudaoSwaggerAutoConfiguration.java index 2481d2b74..2ab128c50 100644 --- a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/YudaoSwaggerAutoConfiguration.java +++ b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/swagger/config/YudaoSwaggerAutoConfiguration.java @@ -10,10 +10,14 @@ import io.swagger.v3.oas.models.media.StringSchema; import io.swagger.v3.oas.models.parameters.Parameter; import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityScheme; -import org.springdoc.core.*; import org.springdoc.core.customizers.OpenApiBuilderCustomizer; import org.springdoc.core.customizers.ServerBaseUrlCustomizer; +import org.springdoc.core.models.GroupedOpenApi; +import org.springdoc.core.properties.SpringDocConfigProperties; import org.springdoc.core.providers.JavadocProvider; +import org.springdoc.core.service.OpenAPIService; +import org.springdoc.core.service.SecurityService; +import org.springdoc.core.utils.PropertyResolverUtils; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; diff --git a/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java b/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java index 163886c65..32e19b6a3 100644 --- a/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java @@ -4,7 +4,7 @@ import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * Bpm 模块的 Security 配置 @@ -17,16 +17,16 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); } }; diff --git a/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-dev.yaml b/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-dev.yaml index 13e35b51c..385451f5e 100644 --- a/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-dev.yaml +++ b/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-dev.yaml @@ -3,7 +3,7 @@ spring: # 数据源配置项 autoconfigure: exclude: - - com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 + # - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 datasource: druid: # Druid 【监控】相关的全局配置 web-stat-filter: diff --git a/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-local.yaml b/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-local.yaml index 6b22d9a50..029a0176d 100644 --- a/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-local.yaml +++ b/yudao-module-bpm/yudao-module-bpm-biz/src/main/resources/application-local.yaml @@ -3,7 +3,7 @@ spring: # 数据源配置项 autoconfigure: exclude: - - com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 + # - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 - de.codecentric.boot.admin.client.config.SpringBootAdminClientAutoConfiguration # 禁用 Spring Boot Admin 的 Client 的自动配置 datasource: druid: # Druid 【监控】相关的全局配置 diff --git a/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java b/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java index c5b947e11..507148368 100644 --- a/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java @@ -6,7 +6,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * Infra 模块的 Security 配置 @@ -22,24 +22,24 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // Spring Boot Admin Server 的安全配置 - registry.antMatchers(adminSeverContextPath).anonymous() - .antMatchers(adminSeverContextPath + "/**").anonymous(); + registry.requestMatchers(adminSeverContextPath).anonymous() + .requestMatchers(adminSeverContextPath + "/**").anonymous(); // 文件读取 - registry.antMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll(); + registry.requestMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll(); // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java b/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java index 016c2ffd5..7caddf49e 100644 --- a/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java @@ -5,7 +5,7 @@ import cn.iocoder.yudao.module.system.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * System 模块的 Security 配置 @@ -18,18 +18,18 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java b/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java index 70a3a239f..13c8e13c3 100644 --- a/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java @@ -5,7 +5,7 @@ import cn.iocoder.yudao.module.pay.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * Pay 模块的 Security 配置 @@ -18,17 +18,17 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-dev.yaml b/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-dev.yaml index 71849d27e..9b3d8bc59 100644 --- a/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-dev.yaml +++ b/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-dev.yaml @@ -3,7 +3,7 @@ spring: # 数据源配置项 autoconfigure: exclude: - - com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 + # - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 datasource: druid: # Druid 【监控】相关的全局配置 web-stat-filter: diff --git a/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-local.yaml b/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-local.yaml index 3415865ad..a39186b98 100644 --- a/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-local.yaml +++ b/yudao-module-pay/yudao-module-pay-biz/src/main/resources/application-local.yaml @@ -3,7 +3,7 @@ spring: # 数据源配置项 autoconfigure: exclude: - - com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 + # - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 - de.codecentric.boot.admin.client.config.SpringBootAdminClientAutoConfiguration # 禁用 Spring Boot Admin 的 Client 的自动配置 datasource: druid: # Druid 【监控】相关的全局配置 diff --git a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java index 05b009661..1e7021fb9 100644 --- a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java @@ -4,7 +4,7 @@ import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * Report 模块的 Security 配置 @@ -17,17 +17,17 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // 积木报表 - registry.antMatchers("/jmreport/**").permitAll(); + registry.requestMatchers("/jmreport/**").permitAll(); } }; diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java index 3f0a7ac31..54bcdaa62 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java @@ -5,7 +5,7 @@ import cn.iocoder.yudao.module.system.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * System 模块的 Security 配置 @@ -18,18 +18,18 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据 - .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI + registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据 + .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").anonymous(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").anonymous() + .requestMatchers("/actuator/**").anonymous(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-system/yudao-module-system-biz/src/main/resources/application-dev.yaml b/yudao-module-system/yudao-module-system-biz/src/main/resources/application-dev.yaml index a9638d835..ff664d14e 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/resources/application-dev.yaml +++ b/yudao-module-system/yudao-module-system-biz/src/main/resources/application-dev.yaml @@ -3,7 +3,7 @@ spring: # 数据源配置项 autoconfigure: exclude: - - com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 + # - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 datasource: druid: # Druid 【监控】相关的全局配置 web-stat-filter: diff --git a/yudao-module-system/yudao-module-system-biz/src/main/resources/application-local.yaml b/yudao-module-system/yudao-module-system-biz/src/main/resources/application-local.yaml index f99f6ad41..c2403588f 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/resources/application-local.yaml +++ b/yudao-module-system/yudao-module-system-biz/src/main/resources/application-local.yaml @@ -3,7 +3,7 @@ spring: # 数据源配置项 autoconfigure: exclude: - - com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 + # - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure # 排除 Druid 的自动配置,使用 dynamic-datasource-spring-boot-starter 配置多数据源 - de.codecentric.boot.admin.client.config.SpringBootAdminClientAutoConfiguration # 禁用 Spring Boot Admin 的 Client 的自动配置 datasource: druid: # Druid 【监控】相关的全局配置 @@ -52,6 +52,7 @@ spring: # password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W slave: # 模拟从库,可根据自己需要修改 name: ruoyi-vue-pro + lazy: true # 开启懒加载,保证启动速度 url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.slave.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 # url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.slave.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例 # url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例 @@ -63,10 +64,11 @@ spring: # password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W # Redis 配置。Redisson 默认的配置足够使用,一般不需要进行调优 - redis: - host: 127.0.0.1 # 地址 - port: 6379 # 端口 - database: 0 # 数据库索引 + data: + redis: + host: 127.0.0.1 # 地址 + port: 6379 # 端口 + database: 0 # 数据库索引 # password: 123456 # 密码,建议生产环境开启 --- #################### MQ 消息队列相关配置 ####################