From: Tang Cheng <cheng.tang@supwisdom.com>
Date: Mon, 22 Apr 2019 01:51:16 +0000 (+0800)
Subject: 调试权限问题
X-Git-Tag: 1.0.0^2~269
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=92d15a582a0899e55fed8c9a0b6d72c200566cd3;p=epayment%2Ffood_payapi.git

调试权限问题
---

diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index a5c0279f..b5297148 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -93,7 +93,6 @@ class WebSecurityConfig {
                         .antMatchers("/api/deposit/**").hasRole("THIRD_DEPOSIT")
                         .antMatchers("/api/user/**").hasAnyRole("THIRD_COMMON", "THIRD_ADMIN")
                         .antMatchers("/api/shop/**").hasRole("THIRD_SHOP")
-                        .anyRequest().authenticated()
                 // æ³¨å filter
             }
         }
@@ -135,16 +134,37 @@ class WebSecurityConfig {
                         .antMatchers("/code/image").permitAll()
                         .anyRequest().authenticated()
                         .and()
-                        .sessionManagement()
-                        .invalidSessionStrategy(myInvalidSessionStrategy)
-                        .maximumSessions(1)
-                        .sessionRegistry(SessionRegistryImpl())
-                        .maxSessionsPreventsLogin(true)
-                        .and()
-                        .and()
-                        .headers().frameOptions().disable()
-                        .and()
-                        .csrf().disable()
+                        .formLogin()
+                // è®¾ç½® Web MVC åºç¨æé
+//                http.apply(validateCodeSecurityConfig)
+//                        .and()
+//                        .formLogin()
+//                        .loginPage("/login")
+//                        .loginProcessingUrl("/login/form")
+//                        .successHandler(zyAuthenticationSuccessHandler)
+//                        .failureHandler(zyAuthenticationFailureHandler)
+//                        .and()
+//                        .logout()
+//                        .logoutRequestMatcher(AntPathRequestMatcher("/logout"))
+//                        .logoutSuccessUrl("/login")
+//                        .deleteCookies("JSESSIONID")
+//                        .invalidateHttpSession(true)
+//                        .and()
+//                        .userDetailsService(userDetailsService)
+//                        .authorizeRequests()
+//                        .antMatchers("/login").permitAll()
+//                        .antMatchers("/static/**").permitAll()
+//                        .antMatchers("/code/image").permitAll()
+//                        .anyRequest().authenticated()
+//                        .and()
+//                        .sessionManagement()
+//                        .invalidSessionStrategy(myInvalidSessionStrategy)
+//                        .maximumSessions(1)
+//                        .sessionRegistry(SessionRegistryImpl())
+//                        .maxSessionsPreventsLogin(true)
+//                        .and()
+//                        .and()
+//                        .headers().frameOptions().disable()
             }
         }
     }