From 3dfbc843adf2d4b6affd3d1d14684941a09561fb Mon Sep 17 00:00:00 2001 From: 648540858 <648540858@qq.com> Date: Mon, 3 Apr 2023 10:53:54 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=85=B3=E9=97=AD=E6=8E=A5?= =?UTF-8?q?=E5=8F=A3=E9=89=B4=E6=9D=83=E6=97=B6=EF=BC=8C=E5=A4=84=E4=BA=8E?= =?UTF-8?q?=E5=BF=BD=E7=95=A5=E5=9C=B0=E5=9D=80=E4=B8=AD=E7=9A=84=E6=8E=A5?= =?UTF-8?q?=E5=8F=A3=E4=B8=8D=E5=8F=AF=E7=94=A8=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/JwtAuthenticationFilter.java | 1 - .../vmp/conf/security/WebSecurityConfig.java | 32 ++++++++++--------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java index e50a8b0e..27151eee 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java @@ -38,7 +38,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { return; } if (!userSetting.isInterfaceAuthentication()) { - // 构建UsernamePasswordAuthenticationToken,这里密码为null,是因为提供了正确的JWT,实现自动登录 UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() ); SecurityContextHolder.getContext().setAuthentication(token); chain.doFilter(request, response); diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java index c9a1233b..cea19f81 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java @@ -72,21 +72,23 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { **/ @Override public void configure(WebSecurity web) { - - ArrayList matchers = new ArrayList<>(); - matchers.add("/"); - matchers.add("/#/**"); - matchers.add("/static/**"); - matchers.add("/index.html"); - matchers.add("/doc.html"); - matchers.add("/webjars/**"); - matchers.add("/swagger-resources/**"); - matchers.add("/v3/api-docs/**"); - matchers.add("/js/**"); - matchers.add("/api/device/query/snap/**"); - matchers.addAll(userSetting.getInterfaceAuthenticationExcludes()); - // 可以直接访问的静态数据 - web.ignoring().antMatchers(matchers.toArray(new String[0])); + if (userSetting.isInterfaceAuthentication()) { + ArrayList matchers = new ArrayList<>(); + matchers.add("/"); + matchers.add("/#/**"); + matchers.add("/static/**"); + matchers.add("/index.html"); + matchers.add("/doc.html"); + matchers.add("/webjars/**"); + matchers.add("/swagger-resources/**"); + matchers.add("/v3/api-docs/**"); + matchers.add("/js/**"); + matchers.add("/api/device/query/snap/**"); + matchers.add("/record_proxy/*/**"); + matchers.addAll(userSetting.getInterfaceAuthenticationExcludes()); + // 可以直接访问的静态数据 + web.ignoring().antMatchers(matchers.toArray(new String[0])); + } } /**