1

2017-10-14 22:09:23 +08:00 · 2017-10-14 22:09:23 +08:00 · 608545dd15
parent 184ecf65af
commit 608545dd15
1 changed files with 2 additions and 2 deletions
--- a/src/main/java/com/boot/security/server/config/SecurityConfig.java
+++ b/src/main/java/com/boot/security/server/config/SecurityConfig.java
@ -8,9 +8,9 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

 import com.boot.security.server.filter.TokenFilter;
@ -37,7 +37,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {

 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
-		http.addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);
+		http.addFilterBefore(tokenFilter, FilterSecurityInterceptor.class);
 		// 基于token，所以不需要session
 		http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
 		http.authorizeRequests()