Skip to content

Commit

Permalink
修复jeecgboot#6150,同时修复online表单无法加载问题
Browse files Browse the repository at this point in the history
  • Loading branch information
@EightMonth
EightMonth committed Apr 29, 2024
1 parent 7cac163 commit 6bc1fe8
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 1 deletion.
21 changes: 21 additions & 0 deletions jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package org.apache.shiro;

import org.apache.shiro.subject.Subject;

/**
* 兼容处理Online功能使用处理,请勿修改
* @author eightmonth@qq.com
* @date 2024/4/29 14:05
*/
public class SecurityUtils {


public static Subject getSubject() {
return new Subject() {
@Override
public Object getPrincipal() {
return Subject.super.getPrincipal();
}
};
}
}
14 changes: 14 additions & 0 deletions jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
package org.apache.shiro.subject;

import org.jeecg.config.security.utils.SecureUtil;

/**
* 兼容处理Online功能使用处理,请勿修改
* @author eightmonth@qq.com
* @date 2024/4/29 14:18
*/
public interface Subject {
default Object getPrincipal() {
return SecureUtil.currentUser();
}
}
7 changes: 6 additions & 1 deletion jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.jwt.JwtDecoder;
Expand All @@ -37,6 +38,8 @@
import org.springframework.security.oauth2.server.authorization.token.*;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy;
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
import org.springframework.web.cors.CorsConfiguration;
Expand All @@ -47,6 +50,7 @@
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.List;

/**
* spring authorization server核心配置
Expand Down Expand Up @@ -78,7 +82,7 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
.tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new SocialGrantAuthenticationConvert())
.authenticationProvider(new SocialGrantAuthenticationProvider(authorizationService, tokenGenerator())))
//开启OpenID Connect 1.0(其中oidc为OpenID Connect的缩写)。 访问 /.well-known/openid-configuration即可获取认证信息
.oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0
.oidc(Customizer.withDefaults());
http
//将需要认证的请求,重定向到login页面行登录认证。
.exceptionHandling((exceptions) -> exceptions
Expand Down Expand Up @@ -161,6 +165,7 @@ public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http)
.requestMatchers(AntPathRequestMatcher.antMatcher("/error")).permitAll()
.anyRequest().authenticated()
)
.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
.cors(cors -> cors
.configurationSource(req -> {
CorsConfiguration config = new CorsConfiguration();
Expand Down

0 comments on commit 6bc1fe8

Please sign in to comment.