From 1b583e6ebb41e1c61d5c8b8c30c69211cc06e6d3 Mon Sep 17 00:00:00 2001
From: xufenglei <xufenglei>
Date: Mon, 08 Jan 2018 11:55:46 +0800
Subject: [PATCH] 账户管理

---
 src/main/java/com/moral/security/WebSecurityConfiguration.java |   11 ++++++-----
 1 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/main/java/com/moral/security/WebSecurityConfiguration.java b/src/main/java/com/moral/security/WebSecurityConfiguration.java
index 0ff9182..d54621f 100644
--- a/src/main/java/com/moral/security/WebSecurityConfiguration.java
+++ b/src/main/java/com/moral/security/WebSecurityConfiguration.java
@@ -14,6 +14,7 @@
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.approval.ApprovalStore;
 import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
@@ -44,15 +45,15 @@
 				.withUser("bill").password("abc123").roles("ADMIN").and()
 				.withUser("bob").password("abc123").roles("USER");
 
-//		auth.userDetailsService(userDetailsService).passwordEncoder(new Md5PasswordEncoder());
+		auth.userDetailsService(userDetailsService).passwordEncoder(NoOpPasswordEncoder.getInstance());
 	}
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-		http
-		.anonymous().disable()
-	  	.authorizeRequests()
-	  	.antMatchers("/oauth/token").permitAll();
+		http.csrf().disable(); //TODO ������������CSRF
+		http.anonymous().disable()
+	  	    .authorizeRequests()
+	  	    .antMatchers("/oauth/token").permitAll();
     }
 
     @Override

--
Gitblit v1.8.0