diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java index 5c8629076..337400f68 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java @@ -4,7 +4,7 @@ import cn.iocoder.yudao.framework.web.config.WebProperties; import org.springframework.core.Ordered; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import javax.annotation.Resource; @@ -15,7 +15,7 @@ import javax.annotation.Resource; * @author 芋道源码 */ public abstract class AuthorizeRequestsCustomizer - implements Customizer.ExpressionInterceptUrlRegistry>, Ordered { + implements Customizer.AuthorizationManagerRequestMatcherRegistry>, Ordered { @Resource private WebProperties webProperties; diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java index 1469080cf..5730e623e 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java @@ -126,22 +126,23 @@ public class YudaoWebSecurityConfigurerAdapter { // 设置每个请求的权限 httpSecurity // ①:全局共享规则 - .authorizeRequests() - // 1.1 静态资源,可匿名访问 - .antMatchers(HttpMethod.GET, "/*.html", "/**/*.html", "/**/*.css", "/**/*.js").permitAll() - // 1.2 设置 @PermitAll 无需认证 - .antMatchers(HttpMethod.GET, permitAllUrls.get(HttpMethod.GET).toArray(new String[0])).permitAll() - .antMatchers(HttpMethod.POST, permitAllUrls.get(HttpMethod.POST).toArray(new String[0])).permitAll() - .antMatchers(HttpMethod.PUT, permitAllUrls.get(HttpMethod.PUT).toArray(new String[0])).permitAll() - .antMatchers(HttpMethod.DELETE, permitAllUrls.get(HttpMethod.DELETE).toArray(new String[0])).permitAll() - // 1.3 基于 yudao.security.permit-all-urls 无需认证 - .antMatchers(securityProperties.getPermitAllUrls().toArray(new String[0])).permitAll() + .authorizeHttpRequests(c -> c + // 1.1 静态资源,可匿名访问 + .requestMatchers(HttpMethod.GET, "/*.html", "/*.html", "/*.css", "/*.js").permitAll() + // 1.2 设置 @PermitAll 无需认证 + .requestMatchers(HttpMethod.GET, permitAllUrls.get(HttpMethod.GET).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.POST, permitAllUrls.get(HttpMethod.POST).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.PUT, permitAllUrls.get(HttpMethod.PUT).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.DELETE, permitAllUrls.get(HttpMethod.DELETE).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.HEAD, permitAllUrls.get(HttpMethod.HEAD).toArray(new String[0])).permitAll() + .requestMatchers(HttpMethod.PATCH, permitAllUrls.get(HttpMethod.PATCH).toArray(new String[0])).permitAll() + // 1.3 基于 yudao.security.permit-all-urls 无需认证 + .requestMatchers(securityProperties.getPermitAllUrls().toArray(new String[0])).permitAll() + ) // ②:每个项目的自定义规则 - .and().authorizeRequests(registry -> // 下面,循环设置自定义规则 - authorizeRequestsCustomizers.forEach(customizer -> customizer.customize(registry))) + .authorizeHttpRequests(c -> authorizeRequestsCustomizers.forEach(customizer -> customizer.customize(c))) // ③:兜底规则,必须认证 - .authorizeRequests() - .anyRequest().authenticated(); + .authorizeHttpRequests(c -> c.anyRequest().authenticated()); // 添加 Token Filter httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); diff --git a/yudao-framework/yudao-spring-boot-starter-websocket/src/main/java/cn/iocoder/yudao/framework/websocket/core/security/WebSocketAuthorizeRequestsCustomizer.java b/yudao-framework/yudao-spring-boot-starter-websocket/src/main/java/cn/iocoder/yudao/framework/websocket/core/security/WebSocketAuthorizeRequestsCustomizer.java index 5614f05ce..dd0a0ecf1 100644 --- a/yudao-framework/yudao-spring-boot-starter-websocket/src/main/java/cn/iocoder/yudao/framework/websocket/core/security/WebSocketAuthorizeRequestsCustomizer.java +++ b/yudao-framework/yudao-spring-boot-starter-websocket/src/main/java/cn/iocoder/yudao/framework/websocket/core/security/WebSocketAuthorizeRequestsCustomizer.java @@ -4,6 +4,7 @@ import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; import cn.iocoder.yudao.framework.websocket.config.WebSocketProperties; import lombok.RequiredArgsConstructor; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -17,8 +18,8 @@ public class WebSocketAuthorizeRequestsCustomizer extends AuthorizeRequestsCusto private final WebSocketProperties webSocketProperties; @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { - registry.antMatchers(webSocketProperties.getPath()).permitAll(); + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { + registry.requestMatchers(webSocketProperties.getPath()).permitAll(); } } diff --git a/yudao-module-ai/yudao-module-ai-biz/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java b/yudao-module-ai/yudao-module-ai-biz/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java index d3e037d3b..c5dc12523 100644 --- a/yudao-module-ai/yudao-module-ai-biz/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-ai/yudao-module-ai-biz/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java @@ -13,8 +13,7 @@ import org.springframework.security.config.annotation.web.configurers.AuthorizeH @Configuration(proxyBeanMethods = false, value = "aiSecurityConfiguration") public class SecurityConfiguration { - - @Bean("infraAuthorizeRequestsCustomizer") + @Bean("aiAuthorizeRequestsCustomizer") public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { return new AuthorizeRequestsCustomizer() { diff --git a/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java b/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java index bcdb88990..9441f4184 100644 --- a/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-bpm/yudao-module-bpm-biz/src/main/java/cn/iocoder/yudao/module/bpm/framework/security/config/SecurityConfiguration.java @@ -4,6 +4,7 @@ import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -17,18 +18,18 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); } }; diff --git a/yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/security/config/SecurityConfiguration.java b/yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/security/config/SecurityConfiguration.java index f1a623860..ce11ca2a1 100644 --- a/yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-crm/yudao-module-crm-biz/src/main/java/cn/iocoder/yudao/module/crm/framework/security/config/SecurityConfiguration.java @@ -5,6 +5,7 @@ import cn.iocoder.yudao.module.crm.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -18,19 +19,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").permitAll() - .antMatchers("/actuator/**").permitAll(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").permitAll(); + registry.requestMatchers("/druid/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-erp/yudao-module-erp-biz/src/main/java/cn/iocoder/yudao/module/erp/framework/security/config/SecurityConfiguration.java b/yudao-module-erp/yudao-module-erp-biz/src/main/java/cn/iocoder/yudao/module/erp/framework/security/config/SecurityConfiguration.java index da373d8ac..1d27d33a7 100644 --- a/yudao-module-erp/yudao-module-erp-biz/src/main/java/cn/iocoder/yudao/module/erp/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-erp/yudao-module-erp-biz/src/main/java/cn/iocoder/yudao/module/erp/framework/security/config/SecurityConfiguration.java @@ -19,19 +19,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").permitAll() - .antMatchers("/actuator/**").permitAll(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").permitAll(); + registry.requestMatchers("/druid/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java b/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java index 198e35857..315446e7b 100644 --- a/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java @@ -6,6 +6,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -22,26 +23,26 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // Spring Boot Admin Server 的安全配置 - registry.antMatchers(adminSeverContextPath).anonymous() - .antMatchers(adminSeverContextPath + "/**").anonymous(); + registry.requestMatchers(adminSeverContextPath).permitAll() + .requestMatchers(adminSeverContextPath + "/**").permitAll(); // 文件读取 - registry.antMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll(); + registry.requestMatchers(buildAdminApi("/infra/file/*/get/**")).permitAll(); // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-mall/yudao-module-product-biz/src/main/java/cn/iocoder/yudao/module/product/framework/security/config/SecurityConfiguration.java b/yudao-module-mall/yudao-module-product-biz/src/main/java/cn/iocoder/yudao/module/product/framework/security/config/SecurityConfiguration.java index 02cef434b..c1131a559 100644 --- a/yudao-module-mall/yudao-module-product-biz/src/main/java/cn/iocoder/yudao/module/product/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-mall/yudao-module-product-biz/src/main/java/cn/iocoder/yudao/module/product/framework/security/config/SecurityConfiguration.java @@ -5,10 +5,11 @@ import cn.iocoder.yudao.module.product.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** - * Member 模块的 Security 配置 + * Product 模块的 Security 配置 */ @Configuration("productSecurityConfiguration") public class SecurityConfiguration { @@ -18,19 +19,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-mall/yudao-module-promotion-biz/src/main/java/cn/iocoder/yudao/module/promotion/framework/security/config/SecurityConfiguration.java b/yudao-module-mall/yudao-module-promotion-biz/src/main/java/cn/iocoder/yudao/module/promotion/framework/security/config/SecurityConfiguration.java index 93958d816..2cefbdfe6 100644 --- a/yudao-module-mall/yudao-module-promotion-biz/src/main/java/cn/iocoder/yudao/module/promotion/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-mall/yudao-module-promotion-biz/src/main/java/cn/iocoder/yudao/module/promotion/framework/security/config/SecurityConfiguration.java @@ -5,6 +5,7 @@ import cn.iocoder.yudao.module.promotion.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -18,19 +19,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-member/yudao-module-member-biz/src/main/java/cn/iocoder/yudao/module/member/framework/security/config/SecurityConfiguration.java b/yudao-module-member/yudao-module-member-biz/src/main/java/cn/iocoder/yudao/module/member/framework/security/config/SecurityConfiguration.java index ab31fbe87..e2a12bc0f 100644 --- a/yudao-module-member/yudao-module-member-biz/src/main/java/cn/iocoder/yudao/module/member/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-member/yudao-module-member-biz/src/main/java/cn/iocoder/yudao/module/member/framework/security/config/SecurityConfiguration.java @@ -5,6 +5,7 @@ import cn.iocoder.yudao.module.member.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -18,19 +19,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java b/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java index f05109823..2960ee145 100644 --- a/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-mp/yudao-module-mp-biz/src/main/java/cn/iocoder/yudao/module/mp/framework/security/config/SecurityConfiguration.java @@ -5,33 +5,33 @@ import cn.iocoder.yudao.module.system.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** - * System 模块的 Security 配置 + * MP 模块的 Security 配置 */ -@Configuration(proxyBeanMethods = false, value = "systemSecurityConfiguration") +@Configuration(proxyBeanMethods = false, value = "mpSecurityConfiguration") public class SecurityConfiguration { - @Bean("systemAuthorizeRequestsCustomizer") + @Bean("mpAuthorizeRequestsCustomizer") public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java b/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java index 005c1d7fe..a5f7b5329 100644 --- a/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-pay/yudao-module-pay-biz/src/main/java/cn/iocoder/yudao/module/pay/framework/security/config/SecurityConfiguration.java @@ -5,6 +5,7 @@ import cn.iocoder.yudao.module.pay.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -18,19 +19,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } }; diff --git a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java index 003358ec0..83dc40b44 100644 --- a/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-report/yudao-module-report-biz/src/main/java/cn/iocoder/yudao/module/report/framework/security/config/SecurityConfiguration.java @@ -4,6 +4,7 @@ import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; /** @@ -17,19 +18,19 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // 积木报表 - registry.antMatchers("/jmreport/**").permitAll(); + registry.requestMatchers("/jmreport/**").permitAll(); } }; diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java index 5fec2b2a3..be2c742f1 100644 --- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java @@ -5,7 +5,7 @@ import cn.iocoder.yudao.module.system.enums.ApiConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; /** * System 模块的 Security 配置 @@ -18,20 +18,20 @@ public class SecurityConfiguration { return new AuthorizeRequestsCustomizer() { @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 // Swagger 接口文档 - registry.antMatchers("/v3/api-docs/**").permitAll() - .antMatchers("/webjars/**").permitAll() - .antMatchers("/swagger-ui").permitAll() - .antMatchers("/swagger-ui/**").permitAll(); + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); // Druid 监控 - registry.antMatchers("/druid/**").anonymous(); + registry.requestMatchers("/druid/**").permitAll(); // Spring Boot Actuator 的安全配置 - registry.antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous(); + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); // RPC 服务的安全配置 - registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll(); + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); } };