|
|
|
@ -38,6 +38,8 @@ import org.springframework.security.config.core.GrantedAuthorityDefaults;
|
|
|
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
|
|
import org.springframework.security.web.firewall.HttpFirewall;
|
|
|
|
|
import org.springframework.security.web.firewall.StrictHttpFirewall;
|
|
|
|
|
import org.springframework.web.bind.annotation.RequestMethod;
|
|
|
|
|
import org.springframework.web.method.HandlerMethod;
|
|
|
|
|
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
|
|
|
@ -68,6 +70,14 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
return new GrantedAuthorityDefaults("");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
|
public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
|
|
|
|
|
StrictHttpFirewall firewall = new StrictHttpFirewall();
|
|
|
|
|
//此处可添加别的规则,目前只设置 允许双 //
|
|
|
|
|
firewall.setAllowUrlEncodedDoubleSlash(true);
|
|
|
|
|
return firewall;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
|
public PasswordEncoder passwordEncoder() {
|
|
|
|
|
// 密码加密方式
|
|
|
|
|