Home Explore Help
Register Sign In
Rankin
/
rankin
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix

huodongdong 6 years ago
parent
6757e24f70
commit
973392ebf0
3 changed files with 14 additions and 5 deletions
Split View Show Diff Stats
  1. 8 0
      rankin-cms-web/pom.xml
  2. 2 0
      rankin-cms-web/src/main/java/cn/rankin/cmsweb/CmsWebApplication.java
  3. 4 5
      rankin-cms-web/src/main/java/cn/rankin/cmsweb/configuration/SecurityConfig.java

+ 8 - 0
rankin-cms-web/pom.xml
View File 

@@ -46,6 +46,14 @@
 
             <groupId>org.springframework.boot</groupId>
 
             <artifactId>spring-boot-starter-security</artifactId>
 
         </dependency>
 
+        <dependency>
 
+            <groupId>org.springframework.boot</groupId>
 
+            <artifactId>spring-boot-starter-data-redis</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>org.springframework.session</groupId>
 
+            <artifactId>spring-session-data-redis</artifactId>
 
+        </dependency>
 
 
         <dependency>
 
             <groupId>org.projectlombok</groupId>

+ 2 - 0
rankin-cms-web/src/main/java/cn/rankin/cmsweb/CmsWebApplication.java
View File 

@@ -6,8 +6,10 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
 
 import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
 
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
 
 import org.springframework.cloud.netflix.feign.EnableFeignClients;
 
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 
 
 @EnableFeignClients
 
+@EnableRedisHttpSession
 
 @EnableDiscoveryClient
 
 @SpringBootApplication(exclude={DataSourceAutoConfiguration.class, HibernateJpaAutoConfiguration.class})
 
 public class CmsWebApplication {

+ 4 - 5
rankin-cms-web/src/main/java/cn/rankin/cmsweb/configuration/SecurityConfig.java
View File 

@@ -155,8 +155,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
                 .anyRequest().authenticated()
 
                 .and().csrf().disable()
 
                 .authorizeRequests().antMatchers("/login", "/logout", "/favicon.ico", "/error", "/file/**").permitAll()
 
-//                .and().addFilterBefore(jwtAuthenticationTokenFilter, SessionManagementFilter.class);
 
-                .and().addFilter(jwtAuthenticationTokenFilter);
 
+                .and().addFilterBefore(jwtAuthenticationTokenFilter, SessionManagementFilter.class);
 
 
         http
 
                 .formLogin().successHandler(new RestAuthenticationSuccessHandler())
 
@@ -164,10 +163,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
                 .permitAll()
 
                 .and()
 
                 .logout().logoutSuccessHandler(new RestLogoutSuccessHandler())
 
-//                .deleteCookies("JSESSIONID", "JWT_TOKEN")
 
+                .deleteCookies("JSESSIONID", "JWT_TOKEN")
 
                 .permitAll();
 
         //session 管理
 
-//        http.sessionManagement().maximumSessions(5);
 
+        http.sessionManagement().maximumSessions(5);
 
 
         http.exceptionHandling().authenticationEntryPoint(new RestAuthenticationEntryPoint());
 
 
@@ -257,7 +256,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
                 throws IOException, ServletException {
 
 
             logger.info("登出成功! ");
 
-            HttpUtil.delCookies(request, response, cookieName);
 
+            HttpUtil.delCookies(request, response, "JSESSIONID", cookieName);
 
             HttpUtil.ok(request, response);
 
 
         }