From 76fe49c425a827eeed086f67d8c7f516a98d36b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=99=88=E8=A3=95=E8=B4=A2?= Date: Thu, 5 Oct 2023 18:34:59 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8D=87=E7=BA=A72.0.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/java/com/mdp/WebSecurityConfig.java | 7 +++++++ mdp-form/src/test/java/com/mdp/WebSecurityConfig.java | 9 +++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/mdp-form-bootstrap/src/main/java/com/mdp/WebSecurityConfig.java b/mdp-form-bootstrap/src/main/java/com/mdp/WebSecurityConfig.java index 4a35ffb..38fc8cf 100644 --- a/mdp-form-bootstrap/src/main/java/com/mdp/WebSecurityConfig.java +++ b/mdp-form-bootstrap/src/main/java/com/mdp/WebSecurityConfig.java @@ -6,6 +6,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.oauth2.jwt.JwtDecoder; /** * com.qqkj.WebSecurityConfig @@ -16,6 +18,9 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { + @Autowired + JwtDecoder jwtDecoder; + @Autowired JwtAuthenticationConverter jwtConverter; @@ -37,6 +42,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { http.oauth2Login(); http.oauth2ResourceServer().jwt().jwtAuthenticationConverter(jwtConverter); http.csrf().disable(); + http.oauth2ResourceServer().jwt().decoder(jwtDecoder).jwtAuthenticationConverter(jwtConverter); + http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER);//禁用session } } diff --git a/mdp-form/src/test/java/com/mdp/WebSecurityConfig.java b/mdp-form/src/test/java/com/mdp/WebSecurityConfig.java index 4a35ffb..2bf7c3b 100644 --- a/mdp-form/src/test/java/com/mdp/WebSecurityConfig.java +++ b/mdp-form/src/test/java/com/mdp/WebSecurityConfig.java @@ -6,6 +6,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.oauth2.jwt.JwtDecoder; /** * com.qqkj.WebSecurityConfig @@ -19,6 +21,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired JwtAuthenticationConverter jwtConverter; + @Autowired + JwtDecoder jwtDecoder; @Override public void configure(WebSecurity web) throws Exception { @@ -34,8 +38,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().authenticated().and().oauth2Client().and().logout().disable(); http.formLogin().usernameParameter("userloginid"); - http.oauth2Login(); - http.oauth2ResourceServer().jwt().jwtAuthenticationConverter(jwtConverter); + //http.oauth2Login(); + http.oauth2ResourceServer().jwt().decoder(jwtDecoder).jwtAuthenticationConverter(jwtConverter); + http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER);//禁用session http.csrf().disable(); }