From 5c6a71fbcad27a637c775358d1004ddb95f55729 Mon Sep 17 00:00:00 2001
From: fengxiang <110431245@qq.com>
Date: Mon, 05 Feb 2018 17:29:41 +0800
Subject: [PATCH] 地图相关资源 设置不拦截
---
src/main/resources/system/sysConfig.properties | 2 +-
src/main/java/com/moral/security/config/WebSecurityConfig.java | 21 ++++++++++++++++-----
src/main/java/com/moral/controller/ScreenController.java | 13 ++++++++-----
3 files changed, 25 insertions(+), 11 deletions(-)
diff --git a/src/main/java/com/moral/controller/ScreenController.java b/src/main/java/com/moral/controller/ScreenController.java
index c351ac2..86f52d9 100644
--- a/src/main/java/com/moral/controller/ScreenController.java
+++ b/src/main/java/com/moral/controller/ScreenController.java
@@ -37,6 +37,7 @@
import com.alibaba.fastjson.TypeReference;
import com.moral.common.bean.ResultBean;
import com.moral.common.util.ValidateUtil;
+import org.springframework.web.servlet.ModelAndView;
import org.xml.sax.InputSource;
/**
@@ -151,7 +152,7 @@
/**
* Gets the standard by sensor.���������������������������
*
- * @param request
+ * @param macKey
* the request
* @return the standard by sensor
*/
@@ -278,7 +279,7 @@
}
@RequestMapping(value = "/map-page", method = RequestMethod.GET)
- public String map(Model model, @RequestParam("areaCode")int code, @RequestParam("accountId")int accountId){
+ public ModelAndView map(ModelAndView model, @RequestParam("areaCode")int code, @RequestParam("accountId")int accountId){
Account account = accountService.getAccountById(accountId);
String regionName = areaService.selectFullNameByCode(code);
if(account!=null&®ionName!=null){
@@ -290,8 +291,9 @@
params.put("orgId", account.getOrganizationId());
params.put("sensors", sensors);
String paramsJson = params.toJSONString();
- model.addAttribute("mapParams",paramsJson);
- return "map";
+ model.addObject("mapParams",paramsJson);
+ model.setViewName("map");
+ return model;
} else {
StringBuilder msg = new StringBuilder();
msg.append(" param[0] areaCode:");
@@ -299,7 +301,8 @@
msg.append(" param[0] accountId:");
msg.append(accountId);
log.warn(msg);
- return "401";
+ model.setViewName("401");
+ return model;
}
}
@RequestMapping(value="/get-monitorpoints",method = RequestMethod.GET)
diff --git a/src/main/java/com/moral/security/config/WebSecurityConfig.java b/src/main/java/com/moral/security/config/WebSecurityConfig.java
index 2d1fceb..c04d95d 100644
--- a/src/main/java/com/moral/security/config/WebSecurityConfig.java
+++ b/src/main/java/com/moral/security/config/WebSecurityConfig.java
@@ -1,6 +1,7 @@
package com.moral.security.config;
import com.fasterxml.jackson.databind.ObjectMapper;
+import com.moral.common.util.ResourceUtil;
import com.moral.security.CustomCorsFilter;
import com.moral.security.RestAuthenticationEntryPoint;
import com.moral.security.auth.login.LoginAuthenticationProvider;
@@ -9,6 +10,8 @@
import com.moral.security.auth.jwt.JwtTokenAuthenticationProcessingFilter;
import com.moral.security.auth.jwt.SkipPathRequestMatcher;
import com.moral.security.auth.jwt.extractor.TokenExtractor;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -22,6 +25,7 @@
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
@@ -89,12 +93,19 @@
@Override
protected void configure(HttpSecurity http) throws Exception {
- List<String> permitAllEndpointList = Arrays.asList(
- AUTHENTICATION_URL,
- REFRESH_TOKEN_URL,
- "/screen/**"
- );
+ List<String> permitAllEndpointList = new ArrayList<>(Arrays.asList(
+ AUTHENTICATION_URL,
+ REFRESH_TOKEN_URL
+ ));
+ // ������������������url
+ String noFilters = ResourceUtil.getValue("noFilters");
+ if(!StringUtils.isBlank(noFilters)){
+ String[] noFilterArray = noFilters.split(",");
+ if(!ArrayUtils.isEmpty(noFilterArray)){
+ permitAllEndpointList.addAll(Arrays.asList(noFilterArray));
+ }
+ }
http
.csrf().disable() // We don't need CSRF for JWT based authentication
.exceptionHandling()
diff --git a/src/main/resources/system/sysConfig.properties b/src/main/resources/system/sysConfig.properties
index d2a12c9..82f508b 100644
--- a/src/main/resources/system/sysConfig.properties
+++ b/src/main/resources/system/sysConfig.properties
@@ -27,4 +27,4 @@
e19-standard=50
orgId=-1
password=123456
-noFilters=login
\ No newline at end of file
+noFilters=/screen/**,/**/*.jsp,/**/*.js,/**/*.png,/**/*.ico
\ No newline at end of file
--
Gitblit v1.8.0