guzijian / wvp-GB28181-pro · Commits

Commit c3271d7407e43c176d03c777a89367357c2262e2

Authored by 64850858
1 parent a603f997

优化鉴权例外, 添加.gitignore

Inline Side-by-side
Showing 3 changed files with 12 additions and 3 deletions
.gitignore
  View file @c3271d7
... ... @@ -26,3 +26,4 @@ hs_err_pid*
26 26 /.idea/
27 27 /target/
28 28  
  29 +/src/main/resources/static/
... ...
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
  View file @c3271d7
1 1 package com.genersoft.iot.vmp.conf.security;
2 2  
3 3 import com.genersoft.iot.vmp.conf.UserSetup;
  4 +import org.slf4j.Logger;
  5 +import org.slf4j.LoggerFactory;
4 6 import org.springframework.beans.factory.annotation.Autowired;
5 7 import org.springframework.context.annotation.Bean;
6 8 import org.springframework.context.annotation.Configuration;
... ... @@ -24,6 +26,8 @@ import java.util.List;
24 26 @EnableGlobalMethodSecurity(prePostEnabled = true)
25 27 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
26 28  
  29 + private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
  30 +
27 31 @Autowired
28 32 private UserSetup userSetup;
29 33  
... ... @@ -88,9 +92,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
88 92 .antMatchers("/v3/api-docs/**")
89 93 .antMatchers("/js/**");
90 94 List<String> interfaceAuthenticationExcludes = userSetup.getInterfaceAuthenticationExcludes();
91   - System.out.println(interfaceAuthenticationExcludes.size());
92 95 for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) {
93   - web.ignoring().antMatchers(interfaceAuthenticationExclude);
  96 + if (interfaceAuthenticationExclude.split("/").length < 4 ) {
  97 + logger.warn("{}不满足两极目录,已忽略", interfaceAuthenticationExclude);
  98 + }else {
  99 + web.ignoring().antMatchers(interfaceAuthenticationExclude);
  100 + }
  101 +
94 102 }
95 103 }
96 104 }
... ...
src/main/resources/all-application.yml
  View file @c3271d7
... ... @@ -134,7 +134,7 @@ user-settings:
134 134 wait-track: false
135 135 # 是否开启接口鉴权
136 136 interface-authentication: true
137   - # 接口鉴权例外的接口, 即不进行接口鉴权的接口
  137 + # 接口鉴权例外的接口, 即不进行接口鉴权的接口,尽量详细书写,尽量不用/**,至少两级目录
138 138 interface-authentication-excludes:
139 139 - /api/v1/**
140 140 # 推流直播是否录制
... ...