diff --git a/jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java b/jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java
new file mode 100644
index 0000000000..dd88d715e9
--- /dev/null
+++ b/jeecg-boot-base-core/src/main/java/org/apache/shiro/SecurityUtils.java
@@ -0,0 +1,21 @@
+package org.apache.shiro;
+
+import org.apache.shiro.subject.Subject;
+
+/**
+ * 兼容处理Online功能使用处理,请勿修改
+ * @author eightmonth@qq.com
+ * @date 2024/4/29 14:05
+ */
+public class SecurityUtils {
+
+
+ public static Subject getSubject() {
+ return new Subject() {
+ @Override
+ public Object getPrincipal() {
+ return Subject.super.getPrincipal();
+ }
+ };
+ }
+}
diff --git a/jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java b/jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java
new file mode 100644
index 0000000000..b5c3aaf1e3
--- /dev/null
+++ b/jeecg-boot-base-core/src/main/java/org/apache/shiro/subject/Subject.java
@@ -0,0 +1,14 @@
+package org.apache.shiro.subject;
+
+import org.jeecg.config.security.utils.SecureUtil;
+
+/**
+ * 兼容处理Online功能使用处理,请勿修改
+ * @author eightmonth@qq.com
+ * @date 2024/4/29 14:18
+ */
+public interface Subject {
+ default Object getPrincipal() {
+ return SecureUtil.currentUser();
+ }
+}
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
index d5e3195e0d..450008eac3 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/SecurityConfig.java
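Review bot: Declaring `SecurityUtils` inside the `org.apache.shiro` package gives this stub the same fully-qualified name as the real Shiro class, so if `shiro-core` is still reachable on the classpath (for example transitively), which implementation answers `getSubject()` depends on class-loading order; it is worth confirming that the Shiro artifact is excluded from the build. The class Javadoc only says it is a compatibility shim for the Online feature and must not be modified; I would extend it with something like `Stand-in for Shiro's SecurityUtils: the principal comes from SecureUtil.currentUser(), no Shiro session or realm is involved`. The anonymous subclass overrides `getPrincipal()` only to call `Subject.super.getPrincipal()`, so `return new Subject() {};` behaves the same.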
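Review bot: `getPrincipal()` in the new `Subject` interface returns whatever `SecureUtil.currentUser()` returns, and what that is for an unauthenticated or anonymous request is not visible in this diff. Callers written against Shiro usually cast the principal and may treat `null` as "not logged in", so the default method should document its contract, e.g. `/** Returns the current login user from SecureUtil.currentUser(); TODO state whether this is null or throws when no user is authenticated. */`. Only `getPrincipal()` is declared, so a legacy call to any other Shiro `Subject` method (role or permission checks) would presumably fail to link; the interface Javadoc should state that no authorization checks are provided here.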
@@ -24,6 +24,7 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
@@ -37,6 +38,8 @@
 import org.springframework.security.oauth2.server.authorization.token.*;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
+import org.springframework.security.web.header.writers.frameoptions.RegExpAllowFromStrategy;
+import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
 import org.springframework.web.cors.CorsConfiguration;
@@ -47,6 +50,7 @@
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.Arrays;
+import java.util.List;
 
 /**
  * spring authorization server核心配置
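Review bot: The imports added for `RegExpAllowFromStrategy`, `XFrameOptionsHeaderWriter` and `java.util.List` are not used by any line visible in this diff; the only header change shown uses `HeadersConfigurer`. If nothing outside the visible hunks references them, the three imports should be dropped. As far as I know, `RegExpAllowFromStrategy` backs the ALLOW-FROM form of X-Frame-Options, which Spring Security deprecates because current browsers ignore it, so it should not be picked up later as the way to restrict framing.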
@@ -78,7 +82,7 @@ public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity h
 .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenRequestConverter(new SocialGrantAuthenticationConvert())
 .authenticationProvider(new SocialGrantAuthenticationProvider(authorizationService, tokenGenerator())))
 //开启OpenID Connect 1.0(其中oidc为OpenID Connect的缩写)。 访问 /.well-known/openid-configuration即可获取认证信息
- .oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0
+ .oidc(Customizer.withDefaults());
 http
 //将需要认证的请求,重定向到login页面行登录认证。
 .exceptionHandling((exceptions) -> exceptions
@@ -161,6 +165,7 @@ public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http)
 .requestMatchers(AntPathRequestMatcher.antMatcher("/error")).permitAll()
 .anyRequest().authenticated()
 )
+ .headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
 .cors(cors -> cors
 .configurationSource(req -> {
 CorsConfiguration config = new CorsConfiguration();
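Review bot: `frameOptions(HeadersConfigurer.FrameOptionsConfig::disable)` in `defaultSecurityFilterChain` removes the X-Frame-Options header from the responses this filter chain handles, so authenticated pages lose their clickjacking protection and can be framed by any origin. If the goal is to let the application embed its own pages, `.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin))` keeps the protection; if specific external hosts must frame it, a Content-Security-Policy with a `frame-ancestors` allow-list is the narrower option. Whichever is chosen, a short comment on this line saying which pages need framing and why would help the next reviewer. The method body starts and continues outside this hunk.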