公共服务security版本:
新服务spring boot版本:2.2.8.RELEASE security版本:5.2.5.RELEASE
因为会有版本冲突,所以需用处理
首先注释掉新服务的seurity,然后在新服务上配置security
增加web.xml引入,需要在web.xml中配置监听
其次把新服务改为war包启动
public class IHomeApplication extends SpringBootServletInitializer {
public final static Logger log = LoggerFactory.getLogger(IHomeApplication.class);
public static void main(String[] args) throws UnknownHostException {
ConfigurableApplicationContext applicatio = SpringApplication.run(IHomeApplication.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(IHomeApplication.class);
}
}
修改pom文件,增加插件和依赖:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope></dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope></dependency>
修改输出路径:
配置session:
引入共用服务的security
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.2.3.RELEASE</version><!--$NO-MVN-MAN-VER$-->
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.2.3.RELEASE</version><!--$NO-MVN-MAN-VER$-->
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.2.3.RELEASE</version><!--$NO-MVN-MAN-VER$-->
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
<version>3.2.3.RELEASE</version><!--$NO-MVN-MAN-VER$-->
</dependency>
在resources目录下增加spring-security-cas.xml文件
此时访问测试会有拦截
还需要放开拦截并关闭csrf
@Configuration
public class BrowerSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/hr","/test/**").permitAll() //指定放开的路径,包括登录页面,样式路径,登录请求路径
.anyRequest().authenticated()
;//其他地址的访问均需验证权限
}
}
此时可以访问接口,接下来进行个性化配置,登录url等即可