SysUserDetailsService用户登录service about blog HOT 4 CLOSED

好的，已明白。谢谢大佬---- 回复的原邮件 ***@***.***>发送日期2022年02月15日 16:39 ***@***.***> ***@***.******@***.***>主题Re: [C3Stones/blog] SysUserDetailsService用户登录service (Issue #3) 在系统核心配置类SysSecurityConfig的方法configure中，配置了登录、登出、权限、跨域、Session等相关参数。 ` /** 系统安全核心配置 @author CL */ @configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) // 开启方法权限注解 public class SysSecurityConfig extends WebSecurityConfigurerAdapter { // ...... /** * 安全权限配置 */ @OverRide protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() // 权限配置 .antMatchers(JWTConfig.antMatchers.split(",")).permitAll()// 获取白名单（不进行权限验证） .anyRequest().authenticated() // 其他的需要登陆后才能访问 .and().httpBasic().authenticationEntryPoint(userNotLoginHandler) // 配置未登录处理类 .and().formLogin().loginProcessingUrl("/login/submit")// 配置登录URL .successHandler(userLoginSuccessHandler) // 配置登录成功处理类 .failureHandler(userLoginFailureHandler) // 配置登录失败处理类 .and().logout().logoutUrl("/logout/submit")// 配置登出地址 .logoutSuccessHandler(userLogoutSuccessHandler) // 配置用户登出处理类 .and().exceptionHandling().accessDeniedHandler(userAccessDeniedHandler)// 配置没有权限处理类 .and().cors()// 开启跨域 .and().csrf().disable(); // 禁用跨站请求伪造防护 http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); // 禁用session（使用Token认证） http.headers().cacheControl(); // 禁用缓存 http.addFilter(new JWTAuthenticationFilter(authenticationManager())); //// 添加JWT过滤器 } } ` —Reply to this email directly, view it on GitHub, or unsubscribe.Triage notifications on the go with GitHub Mobile for iOS or Android. You are receiving this because you commented.Message ID: ***@***.***> [ { ***@***.***": "http://schema.org", ***@***.***": "EmailMessage", "potentialAction": { ***@***.***": "ViewAction", "target": "#3 (comment)", "url": "#3 (comment)", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { ***@***.***": "Organization", "name": "GitHub", "url": "https://github.com" } } ]