当前位置: 首页 > news >正文

flowable 去掉自带的登录权限

news 2024/10/28 15:03:59

重写Security配置,使所有请求都可以通过Security验证。(/**/**)

如:

公共的Security配置

package com.central.workflow.config;import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;@Configuration
public class CustomSecurityConfiguration extends WebSecurityConfigurerAdapter {@Overrideprotected void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/**/**").permitAll().anyRequest().authenticated().and().csrf().disable(); // 禁用CSRF保护}
}

package com.central.workflow.config;import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;@Configuration
public class CustomSecurityConfiguration extends WebSecurityConfigurerAdapter {@Overrideprotected void configure(HttpSecurity http) throws Exception {SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();successHandler.setTargetUrlParameter("redirectTo");http.headers().frameOptions().disable();http.csrf().disable().authorizeRequests().antMatchers("/**/**").permitAll().anyRequest().authenticated().and().httpBasic();}
}

flowable 6.6.0 以下版本

1. 找到项目maven目录

2.重写SecurityConfiguration

不能建相同包名,类名

package org.flowable.ui.modeler.conf;

package com.central.workflow.config;import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;/*** 重构FlowableSecurity*/
@Configuration
@EnableWebSecurity
public class FlowableSecurityConfiguration {@Configuration@Order(1)public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {@Overrideprotected void configure(HttpSecurity http) throws Exception {SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();successHandler.setTargetUrlParameter("redirectTo");http.headers().frameOptions().disable();http.csrf().disable().authorizeRequests().antMatchers("/**/**").permitAll().anyRequest().authenticated().and().httpBasic();}}}
3.可选配置
/* Licensed under the Apache License, Version 2.0 (the "License");* you may not use this file except in compliance with the License.* You may obtain a copy of the License at**      http://www.apache.org/licenses/LICENSE-2.0** Unless required by applicable law or agreed to in writing, software* distributed under the License is distributed on an "AS IS" BASIS,* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.* See the License for the specific language governing permissions and* limitations under the License.*/
package com.central.workflow.config;import org.flowable.ui.common.service.idm.RemoteIdmService;
import org.flowable.ui.modeler.properties.FlowableModelerAppProperties;
import org.flowable.ui.modeler.servlet.ApiDispatcherServletConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.FilterType;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import org.springframework.web.servlet.DispatcherServlet;@Configuration
@EnableConfigurationProperties({FlowableModelerAppProperties.class})
@ComponentScan(basePackages = {// "org.flowable.ui.modeler.conf",// 不引入 conf"org.flowable.ui.modeler.repository", //"org.flowable.ui.modeler.service", // 流程设计服务// "org.flowable.ui.admin.repository", //// "org.flowable.ui.admin.service", // 流程部署服务// "org.flowable.ui.modeler.security", //授权方面的都不需要// "org.flowable.ui.common.conf", // flowable 开发环境内置的数据库连接// "org.flowable.ui.common.filter", // IDM 方面的过滤器// "org.flowable.ui.idm.conf", // IDM 配置"org.flowable.ui.common.service","org.flowable.ui.common.repository",
//        "org.flowable.ui.common.security",//授权方面的都不需要"org.flowable.ui.common.tenant"},excludeFilters = {@ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE, value = RemoteIdmService.class), // 移除RemoteIdmService
})
public class FlowableConfig {@SuppressWarnings({"rawtypes", "unchecked"})@Beanpublic ServletRegistrationBean modelerApiServlet(ApplicationContext applicationContext) {AnnotationConfigWebApplicationContext dispatcherServletConfiguration = new AnnotationConfigWebApplicationContext();dispatcherServletConfiguration.setParent(applicationContext);dispatcherServletConfiguration.register(ApiDispatcherServletConfiguration.class);DispatcherServlet servlet = new DispatcherServlet(dispatcherServletConfiguration);ServletRegistrationBean registrationBean = new ServletRegistrationBean(servlet, "/**/**");registrationBean.setName("Flowable Modeler App API Servlet");registrationBean.setLoadOnStartup(1);registrationBean.setAsyncSupported(true);return registrationBean;}
}

flowable 6.6.0版本以上版本(包括6.6.0)

1. 找到项目maven目录

2.重写ModelerSecurityConfiguration

在自己项目里面建相同包名,类名

package org.flowable.ui.modeler.conf;

package org.flowable.ui.modeler.conf;import org.flowable.ui.common.security.SecurityConstants;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;/*** 说明:重构ModelerSecurity* from: fhadmin.cn*/
@Configuration(proxyBeanMethods = false)
@EnableWebSecurity
public class ModelerSecurityConfiguration {@Configuration@Order(SecurityConstants.MODELER_API_SECURITY_ORDER)public static class ModelerApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {@Overrideprotected void configure(HttpSecurity http) throws Exception {SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();successHandler.setTargetUrlParameter("redirectTo");http.headers().frameOptions().disable();http.csrf().disable().authorizeRequests().antMatchers("/**/**").permitAll().anyRequest().authenticated().and().httpBasic();}}}


http://www.mrgr.cn/news/60316.html

相关文章:

  • python 爬虫抓取百度热搜
  • Unity编辑器制作多级下拉菜单
  • 深入理解 Webpack:现代前端开发的模块打包器
  • 包装类Integer
  • linux下gpio模拟spi三线时序
  • 一文读懂高考志愿专业名词,让你的志愿填报不再迷茫
  • 基本法代码阅读
  • UDS诊断刷写–跳转执行
  • Sigrity Power SI Noise coupling analysis模式如何观测PDN系统的交流耦合噪声以及平面间电压波动操作指导(二)
  • 未定义项目JDK 解决办法
  • C语言数据结构学习:单链表
  • python3的基本数据类型:Bool(布尔类型)
  • Screen简介和使用
  • Notepad++如何同时检索多个关键字
  • Python自动化个人健康日志与建议:记录日常活动并提供建议
  • Javascript高级:正则表达式基础与应用
  • OOP特性 多态
  • c语言错题——#define对应的查找替换
  • 【JavaEE】【多线程】线程池
  • WebGIS开发之编辑功能(分割、融合、捕捉、追踪)
  • 2023年中国县域统计年鉴(县市卷+乡镇卷)(excel格式)
  • 声学气膜馆:品牌发布会的理想之选—轻空间
  • Labview通讯测试耗时
  • 支持向量机SVM简述
  • Spring Boot摄影工作室:构建Web版在线服务平台
  • jieba:智能文本处理的利器,结巴中文分词