|
@@ -1,5 +1,7 @@
|
|
|
package com.ym.mec.teacher.config;
|
|
|
|
|
|
+import com.ym.mec.common.security.BaseAccessDeniedHandler;
|
|
|
+import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|
@@ -8,36 +10,34 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.E
|
|
|
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
|
|
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
|
|
|
|
|
-import com.ym.mec.common.security.BaseAccessDeniedHandler;
|
|
|
-import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
|
|
|
-
|
|
|
@Configuration
|
|
|
@EnableResourceServer
|
|
|
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
|
|
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
|
|
|
|
|
- @Autowired
|
|
|
- private BaseAccessDeniedHandler baseAccessDeniedHandler;
|
|
|
-
|
|
|
- @Autowired
|
|
|
- private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
|
|
|
-
|
|
|
- @Override
|
|
|
- public void configure(HttpSecurity http) throws Exception {
|
|
|
- http.csrf()
|
|
|
- .disable()
|
|
|
- .exceptionHandling()
|
|
|
- .accessDeniedHandler(baseAccessDeniedHandler)
|
|
|
- .authenticationEntryPoint(baseAuthenticationEntryPoint)
|
|
|
- .and()
|
|
|
- .authorizeRequests()
|
|
|
- .antMatchers("/v2/api-docs", "/code/*", "/teacher/queryStudentApply", "/teacher/querySubByMusicGroupId", "/studentRegistration/updateSubject",
|
|
|
- "/studyReport/createEvaluate", "/teacherOrder/*","/teacher/getRegisterOrPreList","/teacherContract/callback").permitAll().anyRequest().authenticated().and().httpBasic();
|
|
|
- }
|
|
|
-
|
|
|
- @Override
|
|
|
- public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
|
|
|
- resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
|
|
|
- }
|
|
|
+ @Autowired
|
|
|
+ private BaseAccessDeniedHandler baseAccessDeniedHandler;
|
|
|
+
|
|
|
+ @Autowired
|
|
|
+ private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
|
|
|
+
|
|
|
+ @Override
|
|
|
+ public void configure(HttpSecurity http) throws Exception {
|
|
|
+ http.csrf()
|
|
|
+ .disable()
|
|
|
+ .exceptionHandling()
|
|
|
+ .accessDeniedHandler(baseAccessDeniedHandler)
|
|
|
+ .authenticationEntryPoint(baseAuthenticationEntryPoint)
|
|
|
+ .and()
|
|
|
+ .authorizeRequests()
|
|
|
+ .antMatchers("/v2/api-docs", "/code/*", "/teacher/queryStudentApply", "/teacher/querySubByMusicGroupId", "/studentRegistration/updateSubject",
|
|
|
+ "/studyReport/createEvaluate", "/teacherOrder/*", "/teacher/getRegisterOrPreList", "/teacherContract/callback", "/eduPracticeGroup/queryOrderInfo")
|
|
|
+ .permitAll().anyRequest().authenticated().and().httpBasic();
|
|
|
+ }
|
|
|
+
|
|
|
+ @Override
|
|
|
+ public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
|
|
|
+ resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
|
|
|
+ }
|
|
|
|
|
|
}
|