工业级后台API v2
parent: 788489c7 | patch | commit | ignore whitespace
fengxiang
2018-02-02 1cc13dcf204f1e136df0d9146a5cebd3ab2c3660 
安全跨域设置
1 files modified
3 ■■■■ changed files
src/main/java/com/moral/security/config/WebSecurityConfig.java 3 ●●●● patch | view | raw | blame | history 
 src/main/java/com/moral/security/config/WebSecurityConfig.java


@@ -18,6 +18,7 @@


import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;


import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


import org.springframework.security.config.http.SessionCreationPolicy;


import org.springframework.security.web.access.channel.ChannelProcessingFilter;


import org.springframework.security.web.authentication.AuthenticationFailureHandler;


import org.springframework.security.web.authentication.AuthenticationSuccessHandler;


import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;


@@ -111,7 +112,7 @@


                .authorizeRequests()


                .antMatchers(API_ROOT_URL).authenticated() // Protected API End-points


            .and()


                .addFilterBefore(new CustomCorsFilter(), UsernamePasswordAuthenticationFilter.class)


                .addFilterBefore(new CustomCorsFilter(), ChannelProcessingFilter.class)


                .addFilterBefore(buildLoginProcessingFilter(AUTHENTICATION_URL), UsernamePasswordAuthenticationFilter.class)


                .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(permitAllEndpointList,


                API_ROOT_URL), UsernamePasswordAuthenticationFilter.class);