07-03

KevinZhanyang · Sep 18, 2017 · 4aaab05 · 4aaab05
1 parent 966a4df
commit 4aaab05
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/...ity-core/src/main/java/com/imooc/security/core/authorize/ImoocAuthorizeConfigManager.java b/...ity-core/src/main/java/com/imooc/security/core/authorize/ImoocAuthorizeConfigManager.java
@@ -3,7 +3,7 @@
  */
 package com.imooc.security.core.authorize;
 
-import java.util.List;
+import java.util.Set;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -18,14 +18,16 @@
 public class ImoocAuthorizeConfigManager implements AuthorizeConfigManager {
 
 	@Autowired
-	private List<AuthorizeConfigProvider> authorizeConfigProviders;
+	private Set<AuthorizeConfigProvider> authorizeConfigProviders;
 
 	@Override
 	public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
 		for (AuthorizeConfigProvider authorizeConfigProvider : authorizeConfigProviders) {
 			authorizeConfigProvider.config(config);
 		}
-//		config.anyRequest().authenticated();
+		config.anyRequest().authenticated();
 	}
+
+
 
 }
diff --git a/...ty-core/src/main/java/com/imooc/security/core/authorize/ImoocAuthorizeConfigProvider.java b/...ty-core/src/main/java/com/imooc/security/core/authorize/ImoocAuthorizeConfigProvider.java
@@ -17,7 +17,6 @@
  *
  */
 @Component
-@Order(Integer.MIN_VALUE)
 public class ImoocAuthorizeConfigProvider implements AuthorizeConfigProvider {
 
 	@Autowired

diff --git a/imooc-security-demo/src/main/java/com/imooc/security/DemoAuthorizeConifgProvider.java b/imooc-security-demo/src/main/java/com/imooc/security/DemoAuthorizeConifgProvider.java
@@ -3,7 +3,6 @@
  */
 package com.imooc.security;
 
-import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
 import org.springframework.stereotype.Component;
@@ -15,7 +14,6 @@
  *
  */
 @Component
-@Order(Integer.MAX_VALUE)
 public class DemoAuthorizeConifgProvider implements AuthorizeConfigProvider {
 
 	/* (non-Javadoc)
@@ -24,7 +22,8 @@ public class DemoAuthorizeConifgProvider implements AuthorizeConfigProvider {
 	@Override
 	public void config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
 
-		config.anyRequest().access("@rbacService.hasPermission(request, authentication)");
+		config.antMatchers("/demo.html")
+			.hasRole("ADMIN");
 	}
 
 }