Skip to content

A
activiti7-workflow

jwxkk / activiti7-workflow

通知 11
Star 2
Fork 1
A
activiti7-workflow

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

切换分支/标签
查找文件 普通视图历史永久链接Permalink
ActivitiSecurityConfig.java 3.6 KB
Newer Older
jwxkk's avatar
项目初始化  
jwxkk 已提交
1 2 3 4 5 6 7 8 
package com.imooc.activitiweb.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
jwxkk's avatar
完善系统功能  
jwxkk 已提交
9 
public class ActivitiSecurityConfig extends WebSecurityConfigurerAdapter {
jwxkk's avatar
项目初始化  
jwxkk 已提交
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 

    @Autowired
    private LoginSuccessHandler loginSuccessHandler;

    @Autowired
    private LoginFailureHandler loginFailureHandler;


    @Override
    protected void configure(HttpSecurity http) throws Exception {

//----------------自定义方法登录----------------------
       /* http
                .formLogin()
                .loginPage("/authentication/require")//这个页面必须要放在resources/resources里,否则提交不会生效,估计是安全框架的机制
                .loginProcessingUrl("/authentication/require")//这里的名字和登录页的Post内容一致,就可以调框架自带的登录
                .successHandler(loginSuccessHandler)
                .failureHandler(loginFailureHandler)
                //.defaultSuccessUrl("/hello")
                //.successForwardUrl("success.html")
                //.failureForwardUrl("failure.html")
                .and()
                .authorizeRequests()
                .antMatchers("/authentication/require", "/demo-login.html", "/demo-login1.html", "/demo-login").permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .headers().frameOptions().disable()//让frame页面可以正常使用
                .and()
                .csrf().disable();*/
        //--------------------------网页登录-----------------------------
               /* http
                .formLogin()
                .loginPage("/demo-login.html")//这个页面必须要放在resources/resources里,否则提交不会生效,估计是安全框架的机制
                .loginProcessingUrl("/demo-login")//这里的名字和登录页的Post内容一致,就可以调框架自带的登录
                //.defaultSuccessUrl("/hello")
                //.successForwardUrl("success.html")
                //.failureForwardUrl("failure.html")
                .and()
                .authorizeRequests()
                .antMatchers("/demo-login.html", "/demo-login").permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .csrf().disable();
                */
        //--------------------------验证都关闭-----------------------------
               //http.authorizeRequests().anyRequest().permitAll().and().logout().permitAll().and().csrf().disable().headers().frameOptions().disable();//全部页面不验证
        //--------------------------activiti与layui的自定义登录-----------------------------
        http
                .formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/login")
                .successHandler(loginSuccessHandler)
                .failureHandler(loginFailureHandler)
                //.defaultSuccessUrl("/hello")
                //.successForwardUrl("success.html")
                //.failureForwardUrl("failure.html")
                .and()
                .authorizeRequests()
                .antMatchers("/login", "/demo-login.html", "/demo-login1.html", "/layuimini/page/login-1.html").permitAll()
                .anyRequest()
                .permitAll().and().logout().permitAll().and().csrf().disable().headers().frameOptions().disable();//全部页面不验证


    }


}