Merge pull request #141 from ChineseTony/master

fix

samples/sureness-spring-boot-starter-example/pom.xml

@@ -15,7 +15,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
-        <spring-boot-starter-sureness.version>1.0.0-beta.1</spring-boot-starter-sureness.version>
+        <spring-boot-starter-sureness.version>1.0.0-beta.2</spring-boot-starter-sureness.version>
     </properties>
 
     <dependencies>

samples/sureness-spring-boot-starter-example/src/main/java/com/usthe/sureness/bootstrap/BootstrapApplication.java

@@ -8,7 +8,6 @@ import org.springframework.boot.web.servlet.ServletComponentScan;
  * @author wangtao
  */
 @SpringBootApplication
-@ServletComponentScan
 public class BootstrapApplication {
 
     public static void main(String[] args) {

samples/sureness-spring-boot-starter-example/src/main/resources/application.yml

@@ -10,14 +10,16 @@ logging:
     root: info
 
 sureness:
-  enabled: true
-  authTypes:
-    - Jwt
-    - Basic
-    - Digest
+  container: servlet
+  auth-types:
+    - digest
+    - basic
+    - jwt
   support-types:
     - Servlet
     - Websocket
+  session-enabled: true
+  websocket-enabled: true
   jwt:
     secret-key: ?::4s9ssf2sf4sed45pf):RnLN7XNn4wARoQXizIv6MHUsIV+EFfiMw/x7R0ntu4aWr/CWuApcFajCyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R+YYzGMRIqcBIp6AKA98GM2RIqcBIp6-?::4390fsf4sdl6opf)4ZI:tdQMtcQQ14pkOAQdQ546
   annotation:

support/spring-boot-starter-sureness/pom.xml

@@ -53,7 +53,7 @@
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <sureness-core.version>1.0.4-beta.2</sureness-core.version>
+        <sureness-core.version>1.0.5</sureness-core.version>
         <spring-boot.version>2.4.5</spring-boot.version>
     </properties>
 

support/spring-boot-starter-sureness/src/main/java/com/usthe/sureness/configuration/SurenessAutoConfiguration.java

@@ -54,6 +54,7 @@ import org.springframework.context.annotation.Configuration;
 import javax.servlet.Filter;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
@@ -75,8 +76,6 @@ public class SurenessAutoConfiguration {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(SurenessAutoConfiguration.class);
 
-    private static final int NUM_2 = 2;
-
     private ApplicationContext applicationContext;
 
     private SurenessProperties surenessProperties;
@@ -94,11 +93,8 @@ public class SurenessAutoConfiguration {
 
     @Bean
     @ConditionalOnMissingBean(PathTreeProvider.class)
-    PathTreeProvider pathTreeProvider(DefaultPathRoleMatcher pathRoleMatcher){
-        PathTreeProvider pathTreeProvider = new DocumentPathTreeProvider();
-        pathRoleMatcher.setPathTreeProvider(pathTreeProvider);
-        pathRoleMatcher.buildTree();
-        return pathTreeProvider;
+    PathTreeProvider pathTreeProvider(){
+        return new DocumentPathTreeProvider();
     }
 
     @Bean
@@ -107,76 +103,73 @@ public class SurenessAutoConfiguration {
     SubjectFactory subjectFactory() {
         SubjectFactory subjectFactory = new SurenessSubjectFactory();
         List<SubjectCreate> subjectCreates = new ArrayList<>();
-        Set<AuthType> authTypes = surenessProperties.getAuthTypes();
-        if (authTypes == null || authTypes.isEmpty()) {
+        AuthType[] authTypeArr = surenessProperties.getAuthTypes();
+        Set<AuthType> authTypes = authTypeArr == null ? new HashSet<>() : new HashSet<>(Arrays.asList(authTypeArr));
+        if (authTypes.isEmpty()) {
             // if is null, default config is basic auth, jwt auth
             LOGGER.info("[sureness-starter] - use default authTypes: Basic, Jwt");
             authTypes = new HashSet<>(2);
             authTypes.add(AuthType.BASIC);
             authTypes.add(AuthType.JWT);
-            surenessProperties.setAuthTypes(authTypes);
         }
-        Set<SupportType> supportTypes = surenessProperties.getSupportTypes();
-        if (supportTypes == null || supportTypes.isEmpty()) {
-            // if is null, default config is servlet, websocket
+        ContainerType containerType = surenessProperties.getContainer();
+        if (containerType == null) {
+            // if is null, default config is servlet
             LOGGER.info("[sureness-starter] - use default supportTypes: Servlet, Websocket");
-            supportTypes = new HashSet<>(2);
-            supportTypes.add(SupportType.Servlet);
-            supportTypes.add(SupportType.WebSocket);
-            surenessProperties.setSupportTypes(supportTypes);
+            containerType = ContainerType.Servlet;
         }
-        if (supportTypes.size() >= NUM_2 && !supportTypes.contains(SupportType.WebSocket)) {
-            LOGGER.error("[sureness-starter] - supportTypes: Servlet, JAX-RS or Spring-Reactor neither can exist at the same time");
-            throw new SurenessInitException("[sureness-starter] - supportTypes: Servlet, JAX-RS or Spring-Reactor neither can exist at the same time");
-        }
-        if (supportTypes.contains(SupportType.Servlet)) {
-            subjectCreates.add(new NoneSubjectServletCreator());
-            if (supportTypes.contains(SupportType.WebSocket)) {
-                subjectCreates.add(new JwtSubjectWsServletCreator());
-            }
-            if (authTypes.contains(AuthType.BASIC)){
-                subjectCreates.add(new BasicSubjectServletCreator());
-            }
-            if (authTypes.contains(AuthType.JWT)){
-                subjectCreates.add(new JwtSubjectServletCreator());
-                subjectCreates.add(new JwtSubjectWsServletCreator());
-            }
-            if (authTypes.contains(AuthType.DIGEST)){
-                subjectCreates.add(new DigestSubjectServletCreator());
-            }
-            if (surenessProperties.isSessionEnabled()) {
-                subjectCreates.add(new SessionSubjectServletCreator());
-            }
-        } else if (supportTypes.contains(SupportType.JAX_RS)){
-            // other is JAX-RS
-            subjectCreates.add(new NoneSubjectJaxRsCreator());
-            if (supportTypes.contains(SupportType.WebSocket)) {
-                subjectCreates.add(new JwtSubjectWsJaxRsCreator());
-            }
-            if (authTypes.contains(AuthType.BASIC)){
-                subjectCreates.add(new BasicSubjectJaxRsCreator());
-            }
-            if (authTypes.contains(AuthType.JWT)){
-                subjectCreates.add(new JwtSubjectJaxRsCreator());
-                subjectCreates.add(new JwtSubjectWsJaxRsCreator());
-            }
-            if (authTypes.contains(AuthType.DIGEST)){
-                subjectCreates.add(new DigestSubjectJaxRsCreator());
-            }
-        } else if (supportTypes.contains(SupportType.Spring_Reactor)) {
-            subjectCreates.add(new NoneSubjectSpringReactiveCreator());
-            if (supportTypes.contains(SupportType.WebSocket)) {
-                subjectCreates.add(new JwtSubjectWsSpringReactiveCreator());
-            }
-            if (authTypes.contains(AuthType.BASIC)) {
-                subjectCreates.add(new BasicSubjectSpringReactiveCreator());
-            }
-            if (authTypes.contains(AuthType.JWT)) {
-                subjectCreates.add(new JwtSubjectSpringReactiveCreator());
-            }
-            if (authTypes.contains(AuthType.DIGEST)) {
-                subjectCreates.add(new DigestSubjectSpringReactiveCreator());
-            }
+        boolean enableWebsocket = surenessProperties.isWebsocketEnabled();
+        switch (containerType) {
+            case Servlet:
+                subjectCreates.add(new NoneSubjectServletCreator());
+                if (enableWebsocket) {
+                    subjectCreates.add(new JwtSubjectWsServletCreator());
+                }
+                if (authTypes.contains(AuthType.BASIC)){
+                    subjectCreates.add(new BasicSubjectServletCreator());
+                }
+                if (authTypes.contains(AuthType.JWT)){
+                    subjectCreates.add(new JwtSubjectServletCreator());
+                    subjectCreates.add(new JwtSubjectWsServletCreator());
+                }
+                if (authTypes.contains(AuthType.DIGEST)){
+                    subjectCreates.add(new DigestSubjectServletCreator());
+                }
+                if (surenessProperties.isSessionEnabled()) {
+                    subjectCreates.add(new SessionSubjectServletCreator());
+                }
+                break;
+            case JAX_RS:
+                subjectCreates.add(new NoneSubjectJaxRsCreator());
+                if (enableWebsocket) {
+                    subjectCreates.add(new JwtSubjectWsJaxRsCreator());
+                }
+                if (authTypes.contains(AuthType.BASIC)){
+                    subjectCreates.add(new BasicSubjectJaxRsCreator());
+                }
+                if (authTypes.contains(AuthType.JWT)){
+                    subjectCreates.add(new JwtSubjectJaxRsCreator());
+                    subjectCreates.add(new JwtSubjectWsJaxRsCreator());
+                }
+                if (authTypes.contains(AuthType.DIGEST)){
+                    subjectCreates.add(new DigestSubjectJaxRsCreator());
+                }
+                break;
+            case Spring_Reactor:
+                subjectCreates.add(new NoneSubjectSpringReactiveCreator());
+                if (enableWebsocket) {
+                    subjectCreates.add(new JwtSubjectWsSpringReactiveCreator());
+                }
+                if (authTypes.contains(AuthType.BASIC)) {
+                    subjectCreates.add(new BasicSubjectSpringReactiveCreator());
+                }
+                if (authTypes.contains(AuthType.JWT)) {
+                    subjectCreates.add(new JwtSubjectSpringReactiveCreator());
+                }
+                if (authTypes.contains(AuthType.DIGEST)) {
+                    subjectCreates.add(new DigestSubjectSpringReactiveCreator());
+                }
+            default: break;
         }
         subjectFactory.registerSubjectCreator(subjectCreates);
         LOGGER.info("[sureness-starter] - SurenessSubjectFactory init success");
@@ -209,14 +202,14 @@ public class SurenessAutoConfiguration {
         List<Processor> processorList = new LinkedList<>();
         NoneProcessor noneProcessor = new NoneProcessor();
         processorList.add(noneProcessor);
-        Set<AuthType> authTypes = surenessProperties.getAuthTypes();
-        if (authTypes == null || authTypes.isEmpty()) {
+        AuthType[] authTypeArr = surenessProperties.getAuthTypes();
+        Set<AuthType> authTypes = authTypeArr == null ? new HashSet<>() : new HashSet<>(Arrays.asList(authTypeArr));
+        if (authTypes.isEmpty()) {
             // if is null, default config is basic auth, jwt auth
             LOGGER.info("[sureness-starter] - use default authTypes: Basic, Jwt");
             authTypes = new HashSet<>(2);
             authTypes.add(AuthType.BASIC);
             authTypes.add(AuthType.JWT);
-            surenessProperties.setAuthTypes(authTypes);
         }
         if (authTypes.contains(AuthType.JWT)) {
             JwtProcessor jwtProcessor = new JwtProcessor();
@@ -241,12 +234,15 @@ public class SurenessAutoConfiguration {
 
     @Bean
     @ConditionalOnMissingBean(TreePathRoleMatcher.class)
-    TreePathRoleMatcher pathRoleMatcher(PathTreeProvider pathTreeProvider,
-                                        DefaultPathRoleMatcher pathRoleMatcher) {
-        List<PathTreeProvider> providers = new ArrayList<>();
-        providers.add(pathTreeProvider);
-        // add documentProvider default
-        providers.add(new DocumentPathTreeProvider());
+    TreePathRoleMatcher pathRoleMatcher(List<PathTreeProvider> pathTreeProviders) {
+        DefaultPathRoleMatcher pathRoleMatcher = new DefaultPathRoleMatcher();
+        if (pathTreeProviders == null) {
+            pathTreeProviders = new ArrayList<>();
+        }
+        if (pathTreeProviders.isEmpty()) {
+            // add documentProvider default
+            pathTreeProviders.add(new DocumentPathTreeProvider());
+        }
         AnnotationProperties annotationProperties = surenessProperties.getAnnotation();
         if (annotationProperties != null && annotationProperties.isEnable()) {
             List<String> scanPackages = annotationProperties.getScanPackages();
@@ -255,32 +251,21 @@ public class SurenessAutoConfiguration {
             } else {
                 AnnotationPathTreeProvider annotationPathTreeProvider = new AnnotationPathTreeProvider();
                 annotationPathTreeProvider.setScanPackages(scanPackages);
-                providers.add(annotationPathTreeProvider);
+                pathTreeProviders.add(annotationPathTreeProvider);
             }
         }
-        pathRoleMatcher.setPathTreeProviderList(providers);
+        pathRoleMatcher.setPathTreeProviderList(pathTreeProviders);
         pathRoleMatcher.buildTree();
         return pathRoleMatcher;
     }
 
-    @Bean
-    @ConditionalOnMissingBean(DefaultPathRoleMatcher.class)
-    public DefaultPathRoleMatcher defaultPathRoleMatcher(){
-        return new DefaultPathRoleMatcher();
-    }
-
     @Bean
     @ConditionalOnWebApplication
-    @ConditionalOnMissingBean(value = FilterRegistrationBean.class)
-    @ConditionalOnExpression("'${sureness.support-types}'.contains('com.usthe.sureness.configuration.SupportType.Servlet')")
-    public FilterRegistrationBean filterRegistration(
-            SecurityManager securityManager
-    ) {
+    @ConditionalOnExpression("'${sureness.container}'.equalsIgnoreCase('servlet')")
+    public FilterRegistrationBean filterRegistration() {
         FilterRegistrationBean registration = new FilterRegistrationBean();
-        registration.setFilter(new SurenessFilter(securityManager));
         registration.addUrlPatterns("/*");
-        registration.setFilter((Filter)
-                applicationContext.getBean("surenessFilter"));
+        registration.setFilter((Filter) applicationContext.getBean("surenessFilter"));
         registration.setName("surenessFilter");
         registration.setOrder(1);
         return registration;
@@ -288,6 +273,7 @@ public class SurenessAutoConfiguration {
 
     @Bean
     @ConditionalOnMissingBean(name = "surenessFilter")
+    @ConditionalOnExpression("'${sureness.container}'.equalsIgnoreCase('servlet')")
     public Filter surenessFilter(SecurityManager securityManager){
         return new SurenessFilter(securityManager);
     }

support/spring-boot-starter-sureness/src/main/java/com/usthe/sureness/configuration/SurenessFilter.java

@@ -71,7 +71,7 @@ public class SurenessFilter implements Filter {
             logger.debug("this request account info is illegal, {}", e1.getMessage());
             responseWrite(ResponseEntity
                     .status(HttpStatus.UNAUTHORIZED)
-                    .body("Username or password is incorrect or expired"), servletResponse);
+                    .body("Username or password is incorrect or token expired"), servletResponse);
             return;
         } catch (DisabledAccountException | ExcessiveAttemptsException e2 ) {
             logger.debug("the account is disabled, {}", e2.getMessage());
@@ -96,7 +96,7 @@ public class SurenessFilter implements Filter {
                     servletResponse);
             return;
         }
-        
+
         try {
             // if ok, doFilter and add subject in request
             filterChain.doFilter(servletRequest, servletResponse);

support/spring-boot-starter-sureness/src/main/java/com/usthe/sureness/configuration/SurenessProperties.java

@@ -4,7 +4,6 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 
 import java.util.List;
-import java.util.Set;
 
 /**
  * @author wangtao
@@ -20,20 +19,25 @@ public class SurenessProperties {
     private boolean enabled = true;
 
     /**
-     * 可配置 支持 websocket, servlet, jax-rs或者其它容器协议
+     * 可配置 支持 Servlet, JAX_RS, Spring_Reactor 容器协议
      */
-    private Set<SupportType> supportTypes;
+    private ContainerType container = ContainerType.Servlet;
 
     /**
      * 支持的认证方式 Jwt, basic auth, digest auth等其它认证方式
      */
-    private Set<AuthType> authTypes;
+    private AuthType[] authTypes = new AuthType[] {AuthType.BASIC, AuthType.JWT, AuthType.DIGEST};
 
     /**
-     * 当 authType 为 jwt 时设置的属性
+     * 当 authType 为 JWT 时设置的属性
      */
     private JwtProperties jwt;
 
+    /**
+     * 是否开启 websocket 的认证鉴权
+     */
+    private boolean websocketEnabled = true;
+
     /**
      * 是否开启 session
      */
@@ -44,19 +48,11 @@ public class SurenessProperties {
      */
     private AnnotationProperties annotation;
 
-    public Set<SupportType> getSupportTypes() {
-        return supportTypes;
-    }
-
-    public void setSupportTypes(Set<SupportType> supportTypes) {
-        this.supportTypes = supportTypes;
-    }
-
-    public Set<AuthType> getAuthTypes() {
+    public AuthType[] getAuthTypes() {
         return authTypes;
     }
 
-    public void setAuthTypes(Set<AuthType> authTypes) {
+    public void setAuthTypes(AuthType[] authTypes) {
         this.authTypes = authTypes;
     }
 
@@ -92,6 +88,23 @@ public class SurenessProperties {
         this.annotation = annotation;
     }
 
+    public ContainerType getContainer() {
+        return container;
+    }
+
+    public void setContainer(ContainerType container) {
+        this.container = container;
+    }
+
+    public boolean isWebsocketEnabled() {
+        return websocketEnabled;
+    }
+
+    public void setWebsocketEnabled(boolean websocketEnabled) {
+        this.websocketEnabled = websocketEnabled;
+    }
+
+
     public static enum AuthType {
         /** json web token auth **/
         JWT,
@@ -101,15 +114,13 @@ public class SurenessProperties {
         DIGEST
     }
 
-    public static enum SupportType {
+    public static enum ContainerType {
         /** http servlet **/
         Servlet,
         /** jax-rs **/
         JAX_RS,
         /** spring reactor stream **/
         Spring_Reactor,
-        /** websocket **/
-        WebSocket
     }
 
     public static class AnnotationProperties {

support/sureness-spring-boot-starter/src/main/java/com/usthe/sureness/configuration/SurenessAutoConfiguration.java

+package com.usthe.sureness.configuration;
+
+import com.usthe.sureness.matcher.DefaultPathRoleMatcher;
+import com.usthe.sureness.matcher.PathTreeProvider;
+import com.usthe.sureness.matcher.TreePathRoleMatcher;
+import com.usthe.sureness.mgt.SecurityManager;
+import com.usthe.sureness.mgt.SurenessSecurityManager;
+import com.usthe.sureness.processor.DefaultProcessorManager;
+import com.usthe.sureness.processor.Processor;
+import com.usthe.sureness.processor.ProcessorManager;
+import com.usthe.sureness.processor.support.JwtProcessor;
+import com.usthe.sureness.processor.support.NoneProcessor;
+import com.usthe.sureness.processor.support.PasswordProcessor;
+import com.usthe.sureness.provider.SurenessAccountProvider;
+import com.usthe.sureness.provider.annotation.AnnotationPathTreeProvider;
+import com.usthe.sureness.provider.ducument.DocumentAccountProvider;
+import com.usthe.sureness.provider.ducument.DocumentPathTreeProvider;
+import com.usthe.sureness.subject.SubjectCreate;
+import com.usthe.sureness.subject.SubjectFactory;
+import com.usthe.sureness.subject.SurenessSubjectFactory;
+import com.usthe.sureness.subject.creater.BasicSubjectJaxRsCreator;
+import com.usthe.sureness.subject.creater.BasicSubjectServletCreator;
+import com.usthe.sureness.subject.creater.DigestSubjectJaxRsCreator;
+import com.usthe.sureness.subject.creater.DigestSubjectServletCreator;
+import com.usthe.sureness.subject.creater.JwtSubjectJaxRsCreator;
+import com.usthe.sureness.subject.creater.JwtSubjectServletCreator;
+import com.usthe.sureness.subject.creater.JwtSubjectWsJaxRsCreator;
+import com.usthe.sureness.subject.creater.JwtSubjectWsServletCreator;
+import com.usthe.sureness.subject.creater.NoneSubjectJaxRsCreator;
+import com.usthe.sureness.subject.creater.NoneSubjectServletCreator;
+import com.usthe.sureness.util.JsonWebTokenUtil;
+import com.usthe.sureness.util.SurenessConstant;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.BeansException;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnResource;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.util.CollectionUtils;
+
+import javax.servlet.Filter;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
+
+import static com.usthe.sureness.DefaultSurenessConfig.SUPPORT_JAX_RS;
+
+
+/**
+ * @author wangtao
+ * @date 2021/7/3
+ */
+@Configuration
+@ConditionalOnProperty(prefix = "sureness", name = "enabled", havingValue = "true",
+        matchIfMissing = true)
+@ConditionalOnResource(resources = "META-INF/spring.factories")
+@AutoConfigureAfter(value = {SurenessProperties.class})
+public class SurenessAutoConfiguration implements ApplicationContextAware {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(SurenessAutoConfiguration.class);
+
+    private ApplicationContext applicationContext;
+
+    @Bean
+    @ConditionalOnMissingBean(SurenessAccountProvider.class)
+    SurenessAccountProvider accountProvider(){
+        return new DocumentAccountProvider();
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(PathTreeProvider.class)
+    PathTreeProvider pathTreeProvider(DefaultPathRoleMatcher pathRoleMatcher){
+        PathTreeProvider pathTreeProvider = new DocumentPathTreeProvider();
+        pathRoleMatcher.setPathTreeProvider(pathTreeProvider);
+        pathRoleMatcher.buildTree();
+        return pathTreeProvider;
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(SubjectFactory.class)
+    SubjectFactory subjectFactory(SurenessProperties surenessProperties) {
+        SubjectFactory subjectFactory = new SurenessSubjectFactory();
+        List<SubjectCreate> subjectCreates = new ArrayList<>();
+        Set<String> sets = new HashSet<>();
+        if (!CollectionUtils.isEmpty(surenessProperties.getAuthTypes())){
+            sets = surenessProperties.getAuthTypes();
+        }
+        if (SUPPORT_JAX_RS.equals(surenessProperties.getSupportType())) {
+            subjectCreates.add(new NoneSubjectJaxRsCreator());
+            if (sets.contains(SurenessConstant.BASIC)){
+                subjectCreates.add(new BasicSubjectJaxRsCreator());
+            }
+            if (sets.contains(SurenessConstant.JWT)){
+                subjectCreates.add(new JwtSubjectJaxRsCreator());
+                subjectCreates.add(new JwtSubjectWsJaxRsCreator());
+            }
+            if (sets.contains(SurenessConstant.DIGEST)){
+                subjectCreates.add(new DigestSubjectJaxRsCreator());
+            }
+        } else {
+            subjectCreates.add(new NoneSubjectServletCreator());
+
+            if (sets.contains(SurenessConstant.BASIC)){
+                subjectCreates.add(new BasicSubjectServletCreator());
+            }
+            if (sets.contains(SurenessConstant.JWT)){
+                subjectCreates.add(new JwtSubjectServletCreator());
+                subjectCreates.add(new JwtSubjectWsServletCreator());
+            }
+            if (sets.contains(SurenessConstant.DIGEST)){
+                subjectCreates.add(new DigestSubjectServletCreator());
+            }
+        }
+        subjectFactory.registerSubjectCreator(subjectCreates);
+        LOGGER.info("SurenessSubjectFactory init");
+        return subjectFactory;
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(SecurityManager.class)
+    SecurityManager securityManager(
+            SurenessProperties surenessProperties,
+            ProcessorManager processorManager,
+            TreePathRoleMatcher pathRoleMatcher,
+            SubjectFactory subjectFactory) {
+        if (!CollectionUtils.isEmpty(surenessProperties.getAuthTypes()) &&
+                surenessProperties.getSupportType().contains(SurenessConstant.JWT)){
+            JsonWebTokenUtil.setDefaultSecretKey(surenessProperties.getToken());
+        }
+        SurenessSecurityManager securityManager = SurenessSecurityManager.getInstance();
+        securityManager.setPathRoleMatcher(pathRoleMatcher);
+        securityManager.setSubjectFactory(subjectFactory);
+        securityManager.setProcessorManager(processorManager);
+        return securityManager;
+    }
+
+
+    @Bean
+    @ConditionalOnMissingBean(ProcessorManager.class)
+    ProcessorManager processorManager(SurenessAccountProvider accountProvider,
+                                      SurenessProperties surenessProperties) {
+        List<Processor> processorList = new LinkedList<>();
+        NoneProcessor noneProcessor = new NoneProcessor();
+        processorList.add(noneProcessor);
+        if (!CollectionUtils.isEmpty(surenessProperties.getAuthTypes()) &&
+                surenessProperties.getSupportType().contains(SurenessConstant.JWT)){
+            JwtProcessor jwtProcessor = new JwtProcessor();
+            processorList.add(jwtProcessor);
+        }
+        PasswordProcessor passwordProcessor = new PasswordProcessor();
+        passwordProcessor.setAccountProvider(accountProvider);
+        processorList.add(passwordProcessor);
+        return new DefaultProcessorManager(processorList);
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(TreePathRoleMatcher.class)
+    TreePathRoleMatcher pathRoleMatcher(PathTreeProvider pathTreeProvider,
+                                        DefaultPathRoleMatcher pathRoleMatcher,
+                                        SurenessProperties surenessProperties) {
+        List<PathTreeProvider> tmp = new ArrayList<>();
+        tmp.add(pathTreeProvider);
+        if (!CollectionUtils.isEmpty(surenessProperties.getScanPackages())) {
+            AnnotationPathTreeProvider annotationPathTreeProvider = new AnnotationPathTreeProvider();
+            annotationPathTreeProvider.setScanPackages(surenessProperties.getScanPackages());
+            tmp.add(annotationPathTreeProvider);
+        }
+        pathRoleMatcher.setPathTreeProviderList(tmp);
+        pathRoleMatcher.buildTree();
+        return pathRoleMatcher;
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(DefaultPathRoleMatcher.class)
+    public   DefaultPathRoleMatcher defaultPathRoleMatcher(){
+        return  new DefaultPathRoleMatcher();
+    }
+
+    @Bean
+    @ConditionalOnWebApplication
+    @ConditionalOnMissingBean(value = FilterRegistrationBean.class, name = "surenessFilter")
+    @ConditionalOnProperty(name="sureness.supportType",havingValue = "servlet")
+    public FilterRegistrationBean testFilterRegistration(
+            SecurityManager securityManager
+    ) {
+        FilterRegistrationBean registration = new FilterRegistrationBean();
+        registration.setFilter(new SurenessFilter(securityManager));
+        registration.addUrlPatterns("/*");
+        registration.setFilter((Filter)
+                applicationContext.getBean("surenessFilter"));
+        registration.setName("surenessFilter");
+        registration.setOrder(1);
+        return registration;
+    }
+
+    @Bean
+    @ConditionalOnMissingBean(name = "surenessFilter")
+    public Filter surenessFilter(SecurityManager securityManager){
+        return new SurenessFilter(securityManager);
+    }
+
+
+    @Override
+    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
+        this.applicationContext = applicationContext;
+    }
+}