Update oauth2 config
parent
2baad37216
commit
003d84a60a
|
@ -2,11 +2,8 @@ package com.monkeyk.sos.config;
|
|||
|
||||
import com.monkeyk.sos.web.filter.CharacterEncodingIPFilter;
|
||||
import com.opensymphony.sitemesh.webapp.SiteMeshFilter;
|
||||
import org.springframework.util.ClassUtils;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
import org.springframework.web.filter.DelegatingFilterProxy;
|
||||
import org.springframework.web.servlet.support.AbstractDispatcherServletInitializer;
|
||||
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
|
||||
import org.springframework.web.util.Log4jConfigListener;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
|
@ -21,7 +18,7 @@ import javax.servlet.ServletException;
|
|||
*
|
||||
* @author Shengzhao Li
|
||||
*/
|
||||
public class ServletInitializer extends AbstractDispatcherServletInitializer {
|
||||
public class ServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
|
||||
|
||||
|
||||
@Override
|
||||
|
@ -58,15 +55,25 @@ public class ServletInitializer extends AbstractDispatcherServletInitializer {
|
|||
|
||||
}
|
||||
|
||||
// @Override
|
||||
// protected WebApplicationContext createRootApplicationContext() {
|
||||
// return createServletApplicationContext();
|
||||
// }
|
||||
//
|
||||
// @Override
|
||||
// protected WebApplicationContext createServletApplicationContext() {
|
||||
// AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
|
||||
// context.scan(ClassUtils.getPackageName(getClass()));
|
||||
// return context;
|
||||
// }
|
||||
|
||||
@Override
|
||||
protected WebApplicationContext createRootApplicationContext() {
|
||||
return createServletApplicationContext();
|
||||
protected Class<?>[] getRootConfigClasses() {
|
||||
return new Class[]{ContextConfigurer.class, WebSecurityConfigurer.class, OAuth2ServerConfig.class};
|
||||
}
|
||||
|
||||
@Override
|
||||
protected WebApplicationContext createServletApplicationContext() {
|
||||
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
|
||||
context.scan(ClassUtils.getPackageName(getClass()));
|
||||
return context;
|
||||
protected Class<?>[] getServletConfigClasses() {
|
||||
return new Class[]{WebMvcConfigurer.class};
|
||||
}
|
||||
}
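Review bot: The commented-out `createRootApplicationContext()` / `createServletApplicationContext()` block left above `getRootConfigClasses()` should be deleted rather than committed, since version control already holds the old implementation. That old code scanned the whole `com.monkeyk.sos.config` package, while the new methods load only the four classes they name. Any other `@Configuration` class in the package (none is visible on this page) would silently stop loading unless one of those four component-scans for it, which is worth confirming because a dropped security configuration is easy to miss. Both returns could also use `new Class<?>[]{...}` in place of the raw `new Class[]{...}`. Part of the class body lies between the hunks and is not shown.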
|
||||
|
|
|
@ -30,6 +30,7 @@ import org.springframework.security.oauth2.provider.request.DefaultOAuth2Request
|
|||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
|
||||
import org.springframework.security.oauth2.provider.vote.ScopeVoter;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
import java.util.Arrays;
|
||||
|
@ -49,10 +50,19 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
|||
@Autowired
|
||||
private UserService userService;
|
||||
|
||||
|
||||
@Autowired
|
||||
public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.userDetailsService(userService);
|
||||
// auth.inMemoryAuthentication().withUser("marissa").password("koala").roles("USER").and().withUser("paul")
|
||||
// .password("emu").roles("USER");
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void configure(WebSecurity web) throws Exception {
|
||||
web.expressionHandler(new OAuth2WebSecurityExpressionHandler());
|
||||
web.ignoring().antMatchers("/resources/**");
|
||||
web.expressionHandler(new OAuth2WebSecurityExpressionHandler());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -67,20 +77,22 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
|||
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/oauth/**").hasAnyRole("ROLE_USER", "ROLE_UNITY", "ROLE_MOBILE")
|
||||
.antMatchers("/**").anonymous()
|
||||
// .antMatchers("/**").anonymous()
|
||||
.and()
|
||||
.exceptionHandling().accessDeniedPage("/login.jsp?authorization_error=2")
|
||||
.and()
|
||||
.csrf().disable()
|
||||
.formLogin().loginPage("/login.jsp")
|
||||
.failureUrl("/login.jsp?authentication_error=1")
|
||||
.defaultSuccessUrl("/index.jsp")
|
||||
.loginProcessingUrl("/login.do")
|
||||
.and()
|
||||
.logout().logoutUrl("/logout.do")
|
||||
.csrf()
|
||||
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize"))
|
||||
.disable()
|
||||
.logout()
|
||||
.logoutUrl("/logout.do")
|
||||
.logoutSuccessUrl("/index.jsp")
|
||||
.and()
|
||||
.anonymous();
|
||||
.formLogin()
|
||||
.loginProcessingUrl("/login.do")
|
||||
.failureUrl("/login.jsp?authentication_error=1")
|
||||
.loginPage("/login.jsp")
|
||||
.defaultSuccessUrl("/index.jsp");
|
||||
|
||||
|
||||
}
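Review bot: In the `http` chain, `.csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize"))` is still followed by `.disable()`, which removes CSRF protection altogether, so the matcher has no effect and `/oauth/authorize`, `/login.do` and `/logout.do` stay without a CSRF check. If the intent is to require a token on the authorization endpoint, replace `.disable()` with `.and()`, i.e. `.csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize")).and()`, and make sure the approval form submits the CSRF token. The rendered page has lost its +/- markers, so this assumes the matcher variant is the new side, which the added `AntPathRequestMatcher` import suggests. The method begins outside the hunk.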
|
||||
|
|
|
@ -16,6 +16,7 @@ import org.slf4j.LoggerFactory;
|
|||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
|
@ -59,7 +60,10 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
|
|||
|
||||
@Autowired
|
||||
private ClientDetailsService clientDetailsService;
|
||||
|
||||
// consumerTokenServices,defaultAuthorizationServerTokenServices
|
||||
@Autowired
|
||||
@Qualifier("defaultAuthorizationServerTokenServices")
|
||||
private AuthorizationServerTokenServices tokenServices;
|
||||
@Autowired
|
||||
private AuthorizationCodeServices authorizationCodeServices;
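Review bot: The comment `// consumerTokenServices,defaultAuthorizationServerTokenServices` above the `tokenServices` field lists two bean names without saying why one of them is picked. Presumably both are candidates of type `AuthorizationServerTokenServices` and the `@Qualifier` resolves the ambiguity; if so, say that, e.g. `// Two AuthorizationServerTokenServices beans exist (consumerTokenServices, defaultAuthorizationServerTokenServices); inject the latter by name.` The qualifier string is tied to a bean name defined outside this hunk, so a rename there would break wiring at startup, and a note on where the name comes from would help the next maintainer. The class continues outside the hunk.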
|
||||
|
|