From 92d15a582a0899e55fed8c9a0b6d72c200566cd3 Mon Sep 17 00:00:00 2001
From: Tang Cheng <cheng.tang@supwisdom.com>
Date: Mon, 22 Apr 2019 09:51:16 +0800
Subject: [PATCH] =?utf8?q?=E8=B0=83=E8=AF=95=E6=9D=83=E9=99=90=E9=97=AE?=
 =?utf8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 .../kotlin/com/supwisdom/dlpay/security.kt    | 42 ++++++++++++++-----
 1 file changed, 31 insertions(+), 11 deletions(-)

diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index a5c0279f..b5297148 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -93,7 +93,6 @@ class WebSecurityConfig {
                         .antMatchers("/api/deposit/**").hasRole("THIRD_DEPOSIT")
                         .antMatchers("/api/user/**").hasAnyRole("THIRD_COMMON", "THIRD_ADMIN")
                         .antMatchers("/api/shop/**").hasRole("THIRD_SHOP")
-                        .anyRequest().authenticated()
                 // æ³¨å filter
             }
         }
@@ -135,16 +134,37 @@ class WebSecurityConfig {
                         .antMatchers("/code/image").permitAll()
                         .anyRequest().authenticated()
                         .and()
-                        .sessionManagement()
-                        .invalidSessionStrategy(myInvalidSessionStrategy)
-                        .maximumSessions(1)
-                        .sessionRegistry(SessionRegistryImpl())
-                        .maxSessionsPreventsLogin(true)
-                        .and()
-                        .and()
-                        .headers().frameOptions().disable()
-                        .and()
-                        .csrf().disable()
+                        .formLogin()
+                // è®¾ç½® Web MVC åºç¨æé
+//                http.apply(validateCodeSecurityConfig)
+//                        .and()
+//                        .formLogin()
+//                        .loginPage("/login")
+//                        .loginProcessingUrl("/login/form")
+//                        .successHandler(zyAuthenticationSuccessHandler)
+//                        .failureHandler(zyAuthenticationFailureHandler)
+//                        .and()
+//                        .logout()
+//                        .logoutRequestMatcher(AntPathRequestMatcher("/logout"))
+//                        .logoutSuccessUrl("/login")
+//                        .deleteCookies("JSESSIONID")
+//                        .invalidateHttpSession(true)
+//                        .and()
+//                        .userDetailsService(userDetailsService)
+//                        .authorizeRequests()
+//                        .antMatchers("/login").permitAll()
+//                        .antMatchers("/static/**").permitAll()
+//                        .antMatchers("/code/image").permitAll()
+//                        .anyRequest().authenticated()
+//                        .and()
+//                        .sessionManagement()
+//                        .invalidSessionStrategy(myInvalidSessionStrategy)
+//                        .maximumSessions(1)
+//                        .sessionRegistry(SessionRegistryImpl())
+//                        .maxSessionsPreventsLogin(true)
+//                        .and()
+//                        .and()
+//                        .headers().frameOptions().disable()
             }
         }
     }
-- 
2.17.1