Home Explore Help
Register Sign In
usoft
/
report-parent
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

使用spring-boot-starter-security,对路径/console, /file/delete, /schedule/*进行身份验证

sunyj 8 years ago
parent
bd66dddcde
commit
8609c336e8
5 changed files with 14 additions and 90 deletions
Split View Show Diff Stats
  1. 4 8
      pom.xml
  2. 0 8
      src/main/java/com/uas/report/WebAppConfiguration.java
  3. 0 25
      src/main/java/com/uas/report/exception/ExceptionHandlerAdvice.java
  4. 0 49
      src/main/java/com/uas/report/filter/FileDeleteFilter.java
  5. 10 0
      src/main/resources/bootstrap.yml

+ 4 - 8
pom.xml
View File 

@@ -40,20 +40,16 @@
 
 			<artifactId>spring-cloud-starter-config</artifactId>

 			<version>${springframeword.cloud.version}</version>

 			<exclusions>

-				<exclusion>

-					<groupId>org.springframework.security</groupId>

-					<artifactId>spring-security-crypto</artifactId>

-				</exclusion>

-				<exclusion>

-					<groupId>org.springframework.security</groupId>

-					<artifactId>spring-security-rsa</artifactId>

-				</exclusion>

 				<exclusion>

 					<groupId>org.slf4j</groupId>

 					<artifactId>log4j-over-slf4j</artifactId>

 				</exclusion>

 			</exclusions>

 		</dependency>

+		<dependency>

+			<groupId>org.springframework.boot</groupId>

+			<artifactId>spring-boot-starter-security</artifactId>

+		</dependency>

 		<dependency>

 			<groupId>org.springframework</groupId>

 			<artifactId>spring-context-support</artifactId>

+ 0 - 8
src/main/java/com/uas/report/WebAppConfiguration.java
View File 

@@ -24,7 +24,6 @@ import com.alibaba.druid.support.http.WebStatFilter;
 
 import com.alibaba.fastjson.serializer.SerializerFeature;

 import com.alibaba.fastjson.support.config.FastJsonConfig;

 import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;

-import com.uas.report.filter.FileDeleteFilter;

 

 @Configuration

 @ComponentScan(basePackages = "com.uas.report.controller")

@@ -73,13 +72,6 @@ public class WebAppConfiguration extends WebMvcConfigurerAdapter {
 
 		super.configureMessageConverters(converters);

 	}

 

-	@Bean

-	public FilterRegistrationBean fileDeleteFilter() {

-		FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new FileDeleteFilter());

-		filterRegistrationBean.addUrlPatterns("/file/delete");

-		return filterRegistrationBean;

-	}

-

 	@Bean

 	public FilterRegistrationBean webStatFilter() {

 		FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();

+ 0 - 25
src/main/java/com/uas/report/exception/ExceptionHandlerAdvice.java
View File 

@@ -2,10 +2,6 @@
 
  */

 package com.uas.report.exception;

 

-import java.io.IOException;

-

-import javax.servlet.http.HttpServletResponse;

-

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.http.HttpHeaders;

@@ -15,7 +11,6 @@ import org.springframework.ui.ModelMap;
 
 import org.springframework.web.bind.annotation.ControllerAdvice;

 import org.springframework.web.bind.annotation.ExceptionHandler;

 

-import com.alibaba.fastjson.JSONObject;

 import com.uas.report.util.ExceptionUtils;

 

 /**

@@ -47,24 +42,4 @@ public class ExceptionHandlerAdvice {
 
 		return new ResponseEntity<ModelMap>(map, headers, HttpStatus.INTERNAL_SERVER_ERROR);

 	}

 

-	/**

-	 * 处理错误

-	 * 

-	 * @param response

-	 * @param status

-	 * @param message

-	 * @param ip

-	 * @throws IOException

-	 */

-	public static void handleError(HttpServletResponse response, Integer status, String message, String ip)

-			throws IOException {

-		logger.error(message + ":" + ip);

-		response.setHeader("Content-type", "text/html;charset=UTF-8");

-		response.setStatus(status);

-		JSONObject jsonObject = new JSONObject();

-		jsonObject.put("success", false);

-		jsonObject.put("message", message);

-		response.getWriter().println(jsonObject);

-	}

-

 }

+ 0 - 49
src/main/java/com/uas/report/filter/FileDeleteFilter.java
View File 

@@ -1,49 +0,0 @@
 
-package com.uas.report.filter;

-

-import java.io.IOException;

-

-import javax.servlet.Filter;

-import javax.servlet.FilterChain;

-import javax.servlet.FilterConfig;

-import javax.servlet.ServletException;

-import javax.servlet.ServletRequest;

-import javax.servlet.ServletResponse;

-import javax.servlet.http.HttpServletRequest;

-import javax.servlet.http.HttpServletResponse;

-

-import com.uas.report.exception.ExceptionHandlerAdvice;

-import com.uas.report.util.IpHelper;

-

-/**

- * 对文件删除进行过滤

- * 

- * @author sunyj

- * @since 2016年12月13日 下午4:46:03

- */

-public class FileDeleteFilter implements Filter {

-

-	@Override

-	public void init(FilterConfig filterConfig) throws ServletException {

-

-	}

-

-	@Override

-	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)

-			throws IOException, ServletException {

-		HttpServletRequest httpRequest = (HttpServletRequest) request;

-		HttpServletResponse httpResponse = (HttpServletResponse) response;

-		// 局域网内才允许执行

-		String ip = IpHelper.getIp(httpRequest);

-		if (!IpHelper.isLAN(ip)) {

-			ExceptionHandlerAdvice.handleError(httpResponse, HttpServletResponse.SC_FORBIDDEN, "没有权限", ip);

-		} else {

-			chain.doFilter(httpRequest, response);

-		}

-	}

-

-	@Override

-	public void destroy() {

-

-	}

-

-}

+ 10 - 0
src/main/resources/bootstrap.yml
View File 

@@ -17,6 +17,16 @@ spring:
 
   properties:

    hibernate:

     dialect: org.hibernate.dialect.Oracle10gDialect

+    

+security:

+ basic:

+  enabled: true

+  path: /console, /file/delete, /schedule/*

+ user:

+  name: admin

+  password: select111***

+  role: ADMIN

+ ignored: false

   

 schedule:

  period: 3600000