首页
登录 | 注册

activiti+springBoot+springSecurity 权限管理

1、整合activiti modeler 时,为了方便调试页面,我们一般屏蔽登录功能。

@EnableAutoConfiguration(exclude = {
      org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration.class,
      org.activiti.spring.boot.SecurityAutoConfiguration.class
})

给Springboot启动类加上注解去掉Security, 如上,否则访问项目会有登录界面。

2、安全设置

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http
                .authorizeRequests()
                .antMatchers("/static/**").permitAll()
                .antMatchers("/","/login").permitAll()

                .anyRequest().authenticated()
                .and()
                .formLogin()
                //指定登录页的路径
                .loginPage("/login")
                .defaultSuccessUrl("/common/model/main")
                .failureUrl("/login?error")
                //自定义登录接口
                //指定自定义form表单请求的路径
                //必须允许所有用户访问我们的登录页(例如未验证的用户,否则验证流程就会进入死循环)
                //这个formLogin().permitAll()方法允许所有用户基于表单登录访问/login这个page。
                .permitAll()
                .and()
                .logout()
                .permitAll();
        //默认都会产生一个hiden标签 里面有安全相关的验证 防止请求伪造 这边我们暂时不需要 可禁用掉
        http .csrf().disable();

        http.headers().frameOptions().disable();
        // 禁用缓存
        http.headers().cacheControl();

    }


    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        // 使用自定义的 Authentication Provider
        auth.inMemoryAuthentication().withUser("admin").password("123456").roles("USER");
    }
}

3、页面可访问设置

@EnableWebMvc
@Configuration
public class MvcConfig extends WebMvcConfigurerAdapter {

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/static/**").addResourceLocations("classpath:/static/");
        registry.addResourceHandler("/templates/**").addResourceLocations("classpath:/templates/");

        registry.addResourceHandler("/**").addResourceLocations("classpath:/META-INF/resources/").setCachePeriod(0);

        super.addResourceHandlers(registry);
    }

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/common/model/main");
        registry.addViewController("/common/model/index");
        registry.addViewController("/common/model/process");
        registry.addViewController("/common/comSystem/comSystem");
        registry.addViewController("/common/comSystem/add");
        registry.addViewController("/common/comSystem/edit");
        registry.addViewController("/modeler");
        registry.addViewController("/login");
        registry.addRedirectViewController("/","/common/model/main");
        super.addViewControllers(registry);
    }

}



2020 jeepxie.net webmaster#jeepxie.net
10 q. 0.007 s.
京ICP备10005923号