update

cms/pom.xml

@@ -51,16 +51,6 @@
 		<dependency>
 			<groupId>com.ym</groupId>
 			<artifactId>common-core</artifactId>
-			<exclusions>
-				<exclusion>
-					<groupId>org.springframework.cloud</groupId>
-					<artifactId>spring-cloud-starter-oauth2</artifactId>
-				</exclusion>
-				<exclusion>
-					<groupId>org.springframework.boot</groupId>
-					<artifactId>spring-boot-starter-security</artifactId>
-				</exclusion>
-			</exclusions>
 		</dependency>
 	</dependencies>
 </project>

cms/src/main/java/com/ym/mec/cms/CmsServerApplication.java

@@ -17,7 +17,7 @@ import com.spring4all.swagger.EnableSwagger2Doc;
 @EnableDiscoveryClient
 @EnableFeignClients
 @MapperScan("com.ym.mec.cms.dal.dao")
-@ComponentScan(basePackages = { "com.ym.mec.cms", "com.ym.mec.common.config" })
+@ComponentScan(basePackages = { "com.ym.mec.cms", "com.ym.mec.common.config", "com.ym.mec.common.security" })
 @Configuration
 @EnableSwagger2Doc
 public class CmsServerApplication {

cms/src/main/java/com/ym/mec/cms/config/ResourceServerConfig.java

@@ -0,0 +1,37 @@
+package com.ym.mec.cms.config;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+
+import com.ym.mec.common.security.BaseAccessDeniedHandler;
+import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
+
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+	@Autowired
+	private BaseAccessDeniedHandler baseAccessDeniedHandler;
+
+	@Autowired
+	private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
+
+	@Override
+	public void configure(HttpSecurity http) throws Exception {
+		http.csrf().disable().exceptionHandling()
+				.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED)).and()
+				.authorizeRequests().antMatchers("/v2/api-docs", "/news/list", "/news/query/*").permitAll().anyRequest().authenticated().and().httpBasic();
+	}
+
+	@Override
+	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+		resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
+	}
+
+}

cms/src/main/resources/application.yml

@@ -39,6 +39,16 @@ mybatis:
 swagger:
   base-package: com.ym.mec.cms.controller
   
+  
+##认证 
+security:
+  oauth2:
+    client:
+      client-id: app
+      client-secret: app
+    resource:
+      token-info-uri: http://localhost:8001/oauth/check_token
+  
 #spring boot admin 相关配置
 management:
   endpoints:

mec-task/src/main/java/com/ym/mec/task/config/ResourceConfig.java → mec-task/src/main/java/com/ym/mec/task/config/ResourceServerConfig.java

@@ -2,14 +2,25 @@ package com.ym.mec.task.config;
 
 import javax.servlet.http.HttpServletResponse;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+
+import com.ym.mec.common.security.BaseAccessDeniedHandler;
+import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
 
 @Configuration
 @EnableResourceServer
-public class ResourceConfig extends ResourceServerConfigurerAdapter {
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+	@Autowired
+	private BaseAccessDeniedHandler baseAccessDeniedHandler;
+
+	@Autowired
+	private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
 
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
@@ -17,4 +28,9 @@ public class ResourceConfig extends ResourceServerConfigurerAdapter {
 				.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED)).and()
 				.authorizeRequests().antMatchers("/v2/api-docs").permitAll().anyRequest().authenticated().and().httpBasic();
 	}
+
+	@Override
+	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+		resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
+	}
 }

mec-task/src/main/resources/logback-spring.xml

@@ -172,7 +172,7 @@
 
     <!--开发环境:打印控制台-->
     <springProfile name="dev">
-        <logger name="com.ym.mec" level="debug"/>
+        <logger name="com.ym.mec" level="info"/>
     </springProfile>
 
     <root level="info">

mec-web/src/main/java/com/ym/mec/web/config/ResourceConfig.java → mec-web/src/main/java/com/ym/mec/web/config/ResourceServerConfig.java

@@ -2,14 +2,25 @@ package com.ym.mec.web.config;
 
 import javax.servlet.http.HttpServletResponse;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+
+import com.ym.mec.common.security.BaseAccessDeniedHandler;
+import com.ym.mec.common.security.BaseAuthenticationEntryPoint;
 
 @Configuration
 @EnableResourceServer
-public class ResourceConfig extends ResourceServerConfigurerAdapter {
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+	@Autowired
+	private BaseAccessDeniedHandler baseAccessDeniedHandler;
+
+	@Autowired
+	private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;
 
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
@@ -18,4 +29,9 @@ public class ResourceConfig extends ResourceServerConfigurerAdapter {
 				.authorizeRequests().antMatchers("/v2/api-docs").permitAll().anyRequest().authenticated().and().httpBasic();
 	}
 
+	@Override
+	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+		resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
+	}
+
 }