修正对api的权限控制、及示例
diff --git a/samples/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/api/HelloController.java b/samples/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/api/HelloController.java
new file mode 100644
index 0000000..5719a86
--- /dev/null
+++ b/samples/client/src/main/java/com/supwisdom/leaveschool/client/controller/web/api/HelloController.java
@@ -0,0 +1,22 @@
+package com.supwisdom.leaveschool.client.controller.web.api;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/api/hello")
+public class HelloController {
+
+ @GetMapping(path = "/greeting/{name}", produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+ public Map<String, Object> greeting(@PathVariable("name") String name) {
+ Map<String, Object> result = new HashMap<String, Object>();
+ result.put("message", "Good " + name);
+ return result;
+ }
+}
diff --git a/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java b/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java
index cf62a89..ad28e02 100644
--- a/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java
+++ b/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/core/userdetails/InMemeryUserDetailsService.java
@@ -26,6 +26,7 @@
logger.debug("InMemeryUserDetailsService.loadUserByUsername({})", username);
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+ authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
authorities.add(new SimpleGrantedAuthority("administrator"));
authorities.add(new SimpleGrantedAuthority("user"));
diff --git a/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java b/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java
index c06a5a8..6cd9190 100644
--- a/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java
+++ b/samples/client/src/main/java/com/supwisdom/leaveschool/client/security/web/access/intercept/MyFilterInvocationSecurityMetadataSource.java
@@ -31,13 +31,16 @@
requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
//sampleUser1SecurityUserRemoteService.loadPermissionsByAppcode()
-
+
+ AntPathRequestMatcher requestMatcher0 = new AntPathRequestMatcher("/api/**");
+ Collection<ConfigAttribute> attributes0 = new ArrayList<ConfigAttribute>(); // FIXME: 返回当前请求的url 对应的 角色代码
+ attributes0.add(new SecurityConfig("user"));
+ requestMap.put(requestMatcher0, attributes0);
+
AntPathRequestMatcher requestMatcher = new AntPathRequestMatcher("/web/**");
-
Collection<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(); // FIXME: 返回当前请求的url 对应的 角色代码
attributes.add(new SecurityConfig("user"));
-
requestMap.put(requestMatcher, attributes);
}
}