背景,jHipster自动生成的springBoot和angularJs前后台端分离的项目。java后台为了取到当前登录者的信息,所以后台开放了

MicroserviceSecurityConfiguration.java 这个类的注解
//开放前

#@Configuration

#@EnableWebSecurity

#@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

public class MicroserviceSecurityConfiguration extends WebSecurityConfigurerAdapter {

    private final TokenProvider tokenProvider;

    public MicroserviceSecurityConfiguration(TokenProvider tokenProvider) {

        this.tokenProvider = tokenProvider;

    }

    @Override

    public void configure(WebSecurity web) throws Exception {

        web.ignoring()

            .antMatchers(HttpMethod.OPTIONS, "/**")

            .antMatchers("/app/**/*.{js,html}")

            .antMatchers("/bower_components/**")

            .antMatchers("/i18n/**")

            .antMatchers("/content/**")

            .antMatchers("/swagger-ui/index.html")

            .antMatchers("/test/**")

            .antMatchers("/h2-console/**");

    }

    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

            .csrf()

            .disable()

            .headers()

            .frameOptions()

            .disable()

        .and()

            .sessionManagement()

            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)

        .and()

            .authorizeRequests()

            .antMatchers("/api/**").authenticated()

            .antMatchers("/management/health").permitAll()

            .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/swagger-resources/configuration/ui").permitAll()

        .and()

            .apply(securityConfigurerAdapter());

    }

    private JWTConfigurer securityConfigurerAdapter() {

        return new JWTConfigurer(tokenProvider);

    }

    @Bean

    public SecurityEvaluationContextExtension securityEvaluationContextExtension() {

        return new SecurityEvaluationContextExtension();

    }

}
//开放后

package com.famessoft.oplus.cac.config;

import com.famessoft.oplus.cac.security.AuthoritiesConstants;

import com.famessoft.oplus.cac.security.jwt.JWTConfigurer;

import com.famessoft.oplus.cac.security.jwt.TokenProvider;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.http.HttpMethod;

import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.builders.WebSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.config.http.SessionCreationPolicy;

import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;

@Configuration

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)

public class MicroserviceSecurityConfiguration extends WebSecurityConfigurerAdapter {

    private final TokenProvider tokenProvider;

    public MicroserviceSecurityConfiguration(TokenProvider tokenProvider) {//开放注解后,这里会报,could not autowire,no beans of 'TokenProvider' type found.不用管这个错,这个错不影响程运行

        this.tokenProvider = tokenProvider;

    }

    @Override

    public void configure(WebSecurity web) throws Exception {

        web.ignoring()

            .antMatchers(HttpMethod.OPTIONS, "/**")

            .antMatchers("/app/**/*.{js,html}")

            .antMatchers("/bower_components/**")

            .antMatchers("/i18n/**")

            .antMatchers("/content/**")

            .antMatchers("/swagger-ui/index.html")

            .antMatchers("/test/**")

            .antMatchers("/h2-console/**");

    }

    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

            .csrf()

            .disable()

            .headers()

            .frameOptions()

            .disable()

        .and()

            .sessionManagement()

            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)

        .and()

            .authorizeRequests()

            .antMatchers("/api/**").authenticated()

            .antMatchers("/management/health").permitAll()

            .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)

            .antMatchers("/swagger-resources/configuration/ui").permitAll()

        .and()

            .apply(securityConfigurerAdapter());

    }

    private JWTConfigurer securityConfigurerAdapter() {

        return new JWTConfigurer(tokenProvider);

    }

    @Bean

    public SecurityEvaluationContextExtension securityEvaluationContextExtension() {

        return new SecurityEvaluationContextExtension();

    }

}

然后使用

SecurityUtils.getCurrentUserLogin()获取系统当前登录者信息

我在本地测试没问题。但是打包放到生产就报下面这个错,很郁闷,找了一下午才找到原因

  c.f.o.cac.security.jwt.TokenProvider     : Invalid JWT signature.

原来是我生产的配置文件配的不对

application-dev.yml

jhipster:

    http:

        version: V_1_1 # To use HTTP/2 you will need SSL support (see above the "server.ssl" configuration)

    cache: # Cache configuration

        hazelcast: # Hazelcast distributed cache

            time-to-live-seconds: 3600

            backup-count: 1

    # CORS is disabled by default on microservices, as you should access them through a gateway.

    # If you want to enable it, please uncomment the configuration below.

    cors:

        allowed-origins: "*"

        allowed-methods: "*"

        allowed-headers: "*"

        # exposed-headers: "Authorization"

        # allow-credentials: true

        max-age: 1800

    security:

        authentication:

            jwt:

                secret: my-secret-token-to-change-in-production

                # Token is valid 24 hours

                token-validity-in-seconds: 86400

                token-validity-in-seconds-for-remember-me: 2592000

application-prod.yml

jhipster:

    http:

        version: V_1_1 # To use HTTP/2 you will need SSL support (see above the "server.ssl" configuration)

        cache: # Used by the CachingHttpHeadersFilter

            timeToLiveInDays: 1461

    cache: # Cache configuration

        hazelcast: # Hazelcast distributed cache

            time-to-live-seconds: 3600

            backup-count: 1

    # CORS is disabled by default on microservices, as you should access them through a gateway.

    # If you want to enable it, please uncomment the configuration below.

    cors:

        allowed-origins: "*"

        allowed-methods: "*"

        allowed-headers: "*"

        # exposed-headers: "Authorization"

        # allow-credentials: true

        max-age: 1800

    security:

        authentication:

            jwt:

                # secret: e2d66542649f38de03a5443a6bddd1ce18f0fe13          #####这是改之前的代码,后台不认识这串字符串,所以secret的命名前后最后一致(默认就是my-secret-token-to-change-in-production), 这里最后命名为字符常规可读的字符串,不需要加密
          secret: my-secret-token-to-change-in-production 
          # Token is valid 24 hours 
          token-validity-in-seconds: 86400 
          token-validity-in-seconds-for-remember-me: 2592000

最新文章

  1. js判断浏览器
  2. Data import/export of Netezza using external table
  3. Hilbert space
  4. PHP中ob系列函数整理
  5. Sublime Text 新建文件可选类型的模版插件: SublimeTmpl
  6. ubuntu中flash的中文乱码解决方法
  7. poj 3368 Frequent values(RMQ)
  8. JS自定义事件(Dom3级事件下)
  9. Entity Framework快速入门--IQueryable与IEnumberable的区别(转载)
  10. float浮动引起的ul高度崩溃与overflow的关系
  11. C++中常用特殊符号简介(& , * , : , :: , ->)
  12. 毕业bg(dfs)
  13. UOJ #5. 【NOI2014】动物园 扩大KMP
  14. Hibernate一级缓存和二级缓存深度比较
  15. 【OpenGL】理解一些基本问题
  16. HBase——HMaster启动之二(HMaster线程的调用)
  17. python绘制图形
  18. ili9325--LCD寄存器配置研究
  19. 动手动脑(lesson 8)
  20. CPP--借助神器VS理解内存存储(含大小端对齐)

热门文章

  1. oracle的常规操作(基本命令)
  2. 【微信小程序】request请求POST提交数据,记得要加上header
  3. 详解C#泛型(二) 获取C#中方法的执行时间及其代码注入 详解C#泛型(一) 详解C#委托和事件(二) 详解C#特性和反射(四) 记一次.net core调用SOAP接口遇到的问题 C# WebRequest.Create 锚点“#”字符问题 根据内容来产生一个二维码
  4. AndroidStudio调用so文件
  5. 机器学习基石第三讲:types of learning
  6. systemctl 配置mysql 开机启动
  7. Spring注解-@Configuration注解、@Bean注解以及配置自动扫描、bean作用域
  8. PHP 生成唯一的激活码
  9. centos 安装部署ftp服务器
  10. 基于jquery仿360网站图片选项卡切换代码