笔记:activiti7微服务项目中spring security强绑定处理 | 您所在的位置:网站首页 › class orgspringframeworksecuritycoreuserdetailsUser › 笔记:activiti7微服务项目中spring security强绑定处理 |
我们项目是个SpringCloud微服务项目,权限是单独的微服务,前段时间集成了activiti7,在做到拾取和取消拾取任务时发现需要强绑定ACTIVITI角色,不指定角色的话报错UsernameNotFoundException,网上查询方法去掉Security,但还是报错; 后来想办法,只能在本服务中先绑定个默认的角色,然后在强绑定ACTIVITI角色的方法添加这个默认角色,这样既不影响整个系统的权限,又能正常调用各个方法。 1.重写UserDetailsService,在每个user中都添加ROLE_ACTIVITI_USER角色 import org.assertj.core.util.Lists; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.User; import java.util.List; public class UserDetailsServiceImpl implements UserDetailsService { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { List grantedAuthorities = Lists.newArrayList(); GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_ACTIVITI_USER"); grantedAuthorities.add(grantedAuthority); return new User(username,"123",grantedAuthorities); } }2. WebSecurityConfiguration中注入UserDetailsServiceImpl ;注意:@EnableOAuth2Sso是本服务器项目中统一权限模块的注解 import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; @EnableOAuth2Sso @Configuration @EnableWebSecurity public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { private Logger logger = LoggerFactory.getLogger(WebSecurityConfiguration.class); @Bean @Override public UserDetailsService userDetailsService() { return new UserDetailsServiceImpl(); } @Override @Autowired public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userDetailsService()); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().authenticated(); http.csrf().disable(); } @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/swagger-ui.html","/swagger/**","/webjars/**" ,"/swagger-resources/**","/**/v2/api-docs","/webservice/**","/services/**"); } }3.SecurityUtil类 import com.mzy.activiti.config.UserDetailsServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextImpl; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Component; import java.util.Collection; @Component public class SecurityUtil { @Autowired private UserDetailsServiceImpl userDetailsService; public void logInAs(String username) { UserDetails user = userDetailsService.loadUserByUsername(username); if (user == null) { throw new IllegalStateException("User " + username + " doesn't exist, please provide a valid user"); } SecurityContextHolder.setContext(new SecurityContextImpl(new Authentication() { @Override public Collection |
CopyRight 2018-2019 实验室设备网 版权所有 |