调试权限问题
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index a5c0279..b529714 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -93,7 +93,6 @@
.antMatchers("/api/deposit/**").hasRole("THIRD_DEPOSIT")
.antMatchers("/api/user/**").hasAnyRole("THIRD_COMMON", "THIRD_ADMIN")
.antMatchers("/api/shop/**").hasRole("THIRD_SHOP")
- .anyRequest().authenticated()
// 注册 filter
}
}
@@ -135,16 +134,37 @@
.antMatchers("/code/image").permitAll()
.anyRequest().authenticated()
.and()
- .sessionManagement()
- .invalidSessionStrategy(myInvalidSessionStrategy)
- .maximumSessions(1)
- .sessionRegistry(SessionRegistryImpl())
- .maxSessionsPreventsLogin(true)
- .and()
- .and()
- .headers().frameOptions().disable()
- .and()
- .csrf().disable()
+ .formLogin()
+ // 设置 Web MVC 应用权限
+// http.apply(validateCodeSecurityConfig)
+// .and()
+// .formLogin()
+// .loginPage("/login")
+// .loginProcessingUrl("/login/form")
+// .successHandler(zyAuthenticationSuccessHandler)
+// .failureHandler(zyAuthenticationFailureHandler)
+// .and()
+// .logout()
+// .logoutRequestMatcher(AntPathRequestMatcher("/logout"))
+// .logoutSuccessUrl("/login")
+// .deleteCookies("JSESSIONID")
+// .invalidateHttpSession(true)
+// .and()
+// .userDetailsService(userDetailsService)
+// .authorizeRequests()
+// .antMatchers("/login").permitAll()
+// .antMatchers("/static/**").permitAll()
+// .antMatchers("/code/image").permitAll()
+// .anyRequest().authenticated()
+// .and()
+// .sessionManagement()
+// .invalidSessionStrategy(myInvalidSessionStrategy)
+// .maximumSessions(1)
+// .sessionRegistry(SessionRegistryImpl())
+// .maxSessionsPreventsLogin(true)
+// .and()
+// .and()
+// .headers().frameOptions().disable()
}
}
}