Update SecurityConfig.java

c53f09b7 · 江南一点雨 · 2c565e09 · c53f09b7
隐藏空白更改
内联并排

Showing with 53 addition and 71 deletion

vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/SecurityConfig.java .../src/main/java/org/javaboy/vhr/config/SecurityConfig.java +53 -71

未找到文件。
--- a/vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/SecurityConfig.java
+++ b/vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/SecurityConfig.java
@@ -13,21 +13,11 @@ import org.springframework.security.config.annotation.authentication.builders.Au
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
 import java.io.PrintWriter;

 /**
@@ -59,48 +49,44 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
-        web.ignoring().antMatchers("/css/**","/js/**","/index.html","/img/**","/fonts/**","/favicon.ico","/verifyCode");
+        web.ignoring().antMatchers("/css/**", "/js/**", "/index.html", "/img/**", "/fonts/**", "/favicon.ico", "/verifyCode");
    }

    @Bean
    LoginFilter loginFilter() throws Exception {
        LoginFilter loginFilter = new LoginFilter();
-        loginFilter.setAuthenticationSuccessHandler(new AuthenticationSuccessHandler() {
-            @Override
-            public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-                response.setContentType("application/json;charset=utf-8");
-                PrintWriter out = response.getWriter();
-                Hr hr = (Hr) authentication.getPrincipal();
-                hr.setPassword(null);
-                RespBean ok = RespBean.ok("登录成功!", hr);
-                String s = new ObjectMapper().writeValueAsString(ok);
-                out.write(s);
-                out.flush();
-                out.close();
-            }
-        });
-        loginFilter.setAuthenticationFailureHandler(new AuthenticationFailureHandler() {
-            @Override
-            public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
-                response.setContentType("application/json;charset=utf-8");
-                PrintWriter out = response.getWriter();
-                RespBean respBean = RespBean.error(exception.getMessage());
-                if (exception instanceof LockedException) {
-                    respBean.setMsg("账户被锁定，请联系管理员!");
-                } else if (exception instanceof CredentialsExpiredException) {
-                    respBean.setMsg("密码过期，请联系管理员!");
-                } else if (exception instanceof AccountExpiredException) {
-                    respBean.setMsg("账户过期，请联系管理员!");
-                } else if (exception instanceof DisabledException) {
-                    respBean.setMsg("账户被禁用，请联系管理员!");
-                } else if (exception instanceof BadCredentialsException) {
-                    respBean.setMsg("用户名或者密码输入错误，请重新输入!");
+        loginFilter.setAuthenticationSuccessHandler((request, response, authentication) -> {
+                    response.setContentType("application/json;charset=utf-8");
+                    PrintWriter out = response.getWriter();
+                    Hr hr = (Hr) authentication.getPrincipal();
+                    hr.setPassword(null);
+                    RespBean ok = RespBean.ok("登录成功!", hr);
+                    String s = new ObjectMapper().writeValueAsString(ok);
+                    out.write(s);
+                    out.flush();
+                    out.close();
                }
-                out.write(new ObjectMapper().writeValueAsString(respBean));
-                out.flush();
-                out.close();
-            }
-        });
+        );
+        loginFilter.setAuthenticationFailureHandler((request, response, exception) -> {
+                    response.setContentType("application/json;charset=utf-8");
+                    PrintWriter out = response.getWriter();
+                    RespBean respBean = RespBean.error(exception.getMessage());
+                    if (exception instanceof LockedException) {
+                        respBean.setMsg("账户被锁定，请联系管理员!");
+                    } else if (exception instanceof CredentialsExpiredException) {
+                        respBean.setMsg("密码过期，请联系管理员!");
+                    } else if (exception instanceof AccountExpiredException) {
+                        respBean.setMsg("账户过期，请联系管理员!");
+                    } else if (exception instanceof DisabledException) {
+                        respBean.setMsg("账户被禁用，请联系管理员!");
+                    } else if (exception instanceof BadCredentialsException) {
+                        respBean.setMsg("用户名或者密码输入错误，请重新输入!");
+                    }
+                    out.write(new ObjectMapper().writeValueAsString(respBean));
+                    out.flush();
+                    out.close();
+                }
+        );
        loginFilter.setAuthenticationManager(authenticationManagerBean());
        loginFilter.setFilterProcessesUrl("/doLogin");
        return loginFilter;
@@ -119,35 +105,31 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                })
                .and()
                .logout()
-                .logoutSuccessHandler(new LogoutSuccessHandler() {
-                    @Override
-                    public void onLogoutSuccess(HttpServletRequest req, HttpServletResponse resp, Authentication authentication) throws IOException, ServletException {
-                        resp.setContentType("application/json;charset=utf-8");
-                        PrintWriter out = resp.getWriter();
-                        out.write(new ObjectMapper().writeValueAsString(RespBean.ok("注销成功!")));
-                        out.flush();
-                        out.close();
-                    }
-                })
+                .logoutSuccessHandler((req, resp, authentication) -> {
+                            resp.setContentType("application/json;charset=utf-8");
+                            PrintWriter out = resp.getWriter();
+                            out.write(new ObjectMapper().writeValueAsString(RespBean.ok("注销成功!")));
+                            out.flush();
+                            out.close();
+                        }
+                )
                .permitAll()
                .and()
                .csrf().disable().exceptionHandling()
                //没有认证时，在这里处理结果，不要重定向
-                .authenticationEntryPoint(new AuthenticationEntryPoint() {
-            @Override
-            public void commence(HttpServletRequest req, HttpServletResponse resp, AuthenticationException authException) throws IOException, ServletException {
-                resp.setContentType("application/json;charset=utf-8");
-                resp.setStatus(401);
-                PrintWriter out = resp.getWriter();
-                RespBean respBean = RespBean.error("访问失败!");
-                if (authException instanceof InsufficientAuthenticationException) {
-                    respBean.setMsg("请求失败，请联系管理员!");
-                }
-                out.write(new ObjectMapper().writeValueAsString(respBean));
-                out.flush();
-                out.close();
-            }
-        });
+                .authenticationEntryPoint((req, resp, authException) -> {
+                            resp.setContentType("application/json;charset=utf-8");
+                            resp.setStatus(401);
+                            PrintWriter out = resp.getWriter();
+                            RespBean respBean = RespBean.error("访问失败!");
+                            if (authException instanceof InsufficientAuthenticationException) {
+                                respBean.setMsg("请求失败，请联系管理员!");
+                            }
+                            out.write(new ObjectMapper().writeValueAsString(respBean));
+                            out.flush();
+                            out.close();
+                        }
+                );
        http.addFilterAt(loginFilter(), UsernamePasswordAuthenticationFilter.class);
    }
 }