|
@@ -26,9 +26,11 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
|
|
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
|
|
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
|
|
HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
|
|
HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
|
|
String url, method;
|
|
String url, method;
|
|
- if ("anonymousUser".equals(authentication.getPrincipal())
|
|
|
|
- && (matchers("/swagger/**", request)
|
|
|
|
|
|
+ if ("anonymousUser".equals(authentication.getPrincipal())){
|
|
|
|
+ if (matchers("/swagger/**", request)
|
|
|| matchers("/v2/**", request)
|
|
|| matchers("/v2/**", request)
|
|
|
|
+ || matchers("/swagger-ui.html/**", request)
|
|
|
|
+ || matchers("/swagger-resources/**", request)
|
|
|| matchers("/webjars/**", request)
|
|
|| matchers("/webjars/**", request)
|
|
|| matchers("/user/login/**", request)
|
|
|| matchers("/user/login/**", request)
|
|
|| matchers("/user/registry/**", request)
|
|
|| matchers("/user/registry/**", request)
|
|
@@ -37,8 +39,11 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
|
|
|| matchers("/actuator/**", request)
|
|
|| matchers("/actuator/**", request)
|
|
|| matchers("/hystrix/**", request)
|
|
|| matchers("/hystrix/**", request)
|
|
|| matchers("/hi/**", request)
|
|
|| matchers("/hi/**", request)
|
|
- || matchers("/", request))) {
|
|
|
|
- return;
|
|
|
|
|
|
+ || matchers("/", request)){
|
|
|
|
+ return;
|
|
|
|
+ } else {
|
|
|
|
+ throw new AccessDeniedException("no right");
|
|
|
|
+ }
|
|
} else {
|
|
} else {
|
|
for (GrantedAuthority ga : authentication.getAuthorities()) {
|
|
for (GrantedAuthority ga : authentication.getAuthorities()) {
|
|
String[] authority = ga.getAuthority().split(";");
|
|
String[] authority = ga.getAuthority().split(";");
|