diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java index fdfe6c3b9..3af796016 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java @@ -7,10 +7,15 @@ import org.springframework.aop.framework.Advised; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationListener; import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.security.web.DefaultSecurityFilterChain; +import org.springframework.security.web.FilterChainProxy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.stereotype.Component; import org.springframework.util.CollectionUtils; import org.springframework.web.bind.annotation.*; +import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.*; @@ -45,6 +50,9 @@ public class IgnoreAuthPostProcessor implements ApplicationListener urls){ + FilterChainProxy obj = applicationContext.getBean(FilterChainProxy.class); + if (Objects.isNull(obj)) { + return; + } + List filterChains = (List) getProperty(obj,"filterChains"); + + if (!CollectionUtils.isEmpty(filterChains)) { + for (String url : urls) { + filterChains.add(0, new DefaultSecurityFilterChain(new AntPathRequestMatcher(url, null))); + } + } + } + + private Object getProperty(Object obj, String fieldName) { + try { + Field field = obj.getClass().getDeclaredField(fieldName); + field.setAccessible(true); + return field.get(obj); + } catch (Exception e) { + return null; + } + } }