aidlab/aida_back
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

dev跨域问题初步验证

Browse Source
This commit is contained in:
litianxiang
2025-12-02 14:27:31 +08:00
parent 964ee1c5cc
commit aa0a787e3f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/com/ai/da/common/security/config/SecurityConfig.java
View File

@@ -7,6 +7,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -57,7 +58,7 @@ public class SecurityConfig {
@Bean @Bean
public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
httpSecurity httpSecurity
.cors(AbstractHttpConfigurer::disable) .cors(Customizer.withDefaults())
.authorizeHttpRequests(auth -> auth .authorizeHttpRequests(auth -> auth
.requestMatchers(securityProperties.getIgnorePaths()).permitAll() .requestMatchers(securityProperties.getIgnorePaths()).permitAll()
.anyRequest().authenticated() .anyRequest().authenticated()
@@ -75,7 +76,6 @@ public class SecurityConfig {
.successHandler(userLoginSuccessHandler) .successHandler(userLoginSuccessHandler)
.failureHandler(userLoginFailureHandler) .failureHandler(userLoginFailureHandler)
) )
.cors(AbstractHttpConfigurer::disable)
.csrf(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable)
.sessionManagement(session -> session .sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) .sessionCreationPolicy(SessionCreationPolicy.STATELESS)