Commit 3c97b106 by 阳浪

解决安全漏扫问题

parent 5e2b9ef2
package com.yizhi.certificate.application; package com.yizhi.certificate.application;
import com.yizhi.core.application.security.config.SpringSecurityConfig;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.amqp.RabbitAutoConfiguration; import org.springframework.boot.autoconfigure.amqp.RabbitAutoConfiguration;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient; import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.cloud.openfeign.EnableFeignClients; import org.springframework.cloud.openfeign.EnableFeignClients;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.DependsOn;
/** /**
* @Author: shengchenglong * @Author: shengchenglong
...@@ -20,5 +23,9 @@ public class CertificateApplication { ...@@ -20,5 +23,9 @@ public class CertificateApplication {
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(CertificateApplication.class, args); SpringApplication.run(CertificateApplication.class, args);
} }
@Bean
public SpringSecurityConfig springSecurityConfig(){
return new SpringSecurityConfig();
}
} }
...@@ -10,11 +10,15 @@ import org.springframework.web.context.request.async.DeferredResult; ...@@ -10,11 +10,15 @@ import org.springframework.web.context.request.async.DeferredResult;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder; import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.service.ApiInfo; import springfox.documentation.builders.PathSelectors;
import springfox.documentation.service.*;
import springfox.documentation.spi.DocumentationType; import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket; import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2; import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.Collections;
import static com.google.common.base.Predicates.or; import static com.google.common.base.Predicates.or;
import static springfox.documentation.builders.PathSelectors.regex; import static springfox.documentation.builders.PathSelectors.regex;
...@@ -59,7 +63,21 @@ public class SwaggerConfig extends WebMvcConfigurerAdapter { ...@@ -59,7 +63,21 @@ public class SwaggerConfig extends WebMvcConfigurerAdapter {
.select() .select()
.paths(or(regex("/api.*"),regex("/manage.*"))) .paths(or(regex("/api.*"),regex("/manage.*")))
.build() .build()
.apiInfo(apiInfo()); .apiInfo(apiInfo())
.securitySchemes(Collections.singletonList(securitySchema()))
.securityContexts(Collections.singletonList(securityContext()));
}
private SecurityScheme securitySchema() {
return new BasicAuth("BasicAuth");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(Collections.singletonList(
new SecurityReference("BasicAuth", new AuthorizationScope[] {new AuthorizationScope("global", "accessAll")})))
.forPaths(PathSelectors.any())
.build();
} }
private ApiInfo apiInfo() { private ApiInfo apiInfo() {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment