Class ComponentSecurityAutoConfiguration

java.lang.Object
com.codeupsoft.component.security.autoconfigure.ComponentSecurityAutoConfiguration
@AutoConfiguration @EnableConfigurationProperties({ComponentSecurityProperties.class,SecurityAuthenticateProperties.class}) @ConditionalOnProperty(prefix="codeupsoft.component.security", name="auto-configure", havingValue="true", matchIfMissing=true) public class ComponentSecurityAutoConfiguration extends Object
组件安全自动配置类.

负责自动配置安全组件相关功能,包括启用配置属性等. 该类使用Spring Boot的自动配置机制,在满足条件时自动注册安全相关的Bean.

Author:
Liu,Dongdong

  • Constructor Details

    • ComponentSecurityAutoConfiguration

      public ComponentSecurityAutoConfiguration()

  • Method Details

    • permissionService

      @Bean("ss") public PermissionService permissionService()
      权限服务Bean.

      提供权限检查和管理功能的服务实例,用于验证用户是否具有访问特定资源的权限.

      Returns:
      权限服务实例

    • securityJwtHandler

      @Bean @ConditionalOnMissingBean(SecurityJwtHandler.class) public SecurityJwtHandler securityJwtHandler()
      默认JWT处理器Bean.

      提供JWT令牌的生成、验证和解析功能的默认实现.

      Returns:
      默认JWT处理器实例

    • redisSecurityAuthenticateUserService

      @Bean @ConditionalOnBean(com.codeupsoft.component.redis.client.RedisTemplateClient.class) @ConditionalOnMissingBean(SecurityAuthenticateUserService.class) @ConditionalOnProperty(prefix="codeupsoft.component.security.authenticate", name="redis-auto-enabled", havingValue="true") public SecurityAuthenticateUserService redisSecurityAuthenticateUserService(com.codeupsoft.component.redis.client.RedisTemplateClient redisTemplateClient, SecurityJwtHandler securityJwtHandler)
      基于Redis的安全认证用户服务Bean.

      当Redis客户端存在且Redis认证启用时,提供基于Redis的用户认证服务实现. 该实现使用JWT令牌结合Redis存储用户信息,实现高效的用户认证和会话管理.

      Parameters:
      redisTemplateClient - Redis模板客户端
      securityJwtHandler - JWT处理器
      Returns:
      基于Redis的安全认证用户服务实例

    • sessionSecurityAuthenticateUserService

      @Bean @ConditionalOnMissingBean(SecurityAuthenticateUserService.class) @ConditionalOnProperty(prefix="codeupsoft.component.security.authenticate", name="redis-auto-enabled", havingValue="false", matchIfMissing=true) public SecurityAuthenticateUserService sessionSecurityAuthenticateUserService()
      基于Session的安全认证用户服务Bean.

      当Redis认证未启用时,提供基于Session的用户认证服务实现. 该实现使用传统的Session机制管理用户会话.

      Returns:
      基于Session的安全认证用户服务实例

    • securityAuthenticateService

      @Bean public SecurityAuthenticateService securityAuthenticateService()

    • anonymousAccessHandler

      @Bean @ConditionalOnMissingBean(AnonymousAccessHandler.class) public AnonymousAccessHandler anonymousAccessHandler(@Qualifier("requestMappingHandlerMapping") org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping requestMappingHandlerMapping, org.springframework.core.env.Environment environment)
      匿名访问处理器Bean.

      用于扫描和处理标记了@AnonymousAccess注解的控制器和方法, 根据环境配置动态构建允许匿名访问的路径列表.

      Parameters:
      requestMappingHandlerMapping - 请求映射处理器
      environment - 环境配置
      Returns:
      匿名访问处理器实例

    • securityAccessDeniedHandler

      @Bean @ConditionalOnMissingBean(SecurityAccessDeniedHandler.class) public SecurityAccessDeniedHandler securityAccessDeniedHandler()
      访问拒绝处理器Bean.

      当用户访问无权限的资源时,返回403禁止访问错误信息. 将错误信息以JSON格式返回给客户端.

      Returns:
      访问拒绝处理器实例

    • securityAuthenticationEntryPoint

      @Bean @ConditionalOnMissingBean(SecurityAuthenticationEntryPoint.class) public SecurityAuthenticationEntryPoint securityAuthenticationEntryPoint()
      认证入口点处理器Bean.

      当用户未认证或认证失败时,返回401未授权错误信息. 将错误信息以JSON格式返回给客户端.

      Returns:
      认证入口点处理器实例

    • securityLogoutSuccessHandler

      @Bean @ConditionalOnMissingBean(SecurityLogoutSuccessHandler.class) public SecurityLogoutSuccessHandler securityLogoutSuccessHandler(SecurityAuthenticateUserService securityAuthenticateUserService)
      退出登录成功处理器Bean.

      当用户成功登出时,清理用户会话信息并返回成功响应. 将成功信息以JSON格式返回给客户端.

      Parameters:
      securityAuthenticateUserService - 安全认证用户服务
      Returns:
      退出登录成功处理器实例

    • passwordEncoder

      @Bean @ConditionalOnMissingBean public org.springframework.security.crypto.password.PasswordEncoder passwordEncoder()
      配置密码编码器.

      使用BCrypt算法进行密码加密,提供安全的密码存储方案.

      Returns:
      BCrypt密码编码器

    • securityControllerFilter

      @Bean @ConditionalOnMissingBean(SecurityControllerFilter.class) @ConditionalOnProperty(prefix="codeupsoft.component.security", name="controller-filter-enabled", havingValue="true") public org.springframework.boot.web.servlet.FilterRegistrationBean<SecurityControllerFilter> securityControllerFilter(ComponentSecurityProperties componentSecurityProperties, SecurityAuthenticateService securityAuthenticateService, SecurityAuthenticateUserService securityAuthenticateUserService)
      安全认证控制器过滤器Bean.

      处理登录请求,验证用户身份并生成访问令牌. 该过滤器拦截指定的登录URL,解析请求参数,调用认证服务进行用户验证, 成功后生成并返回访问令牌.

      Parameters:
      componentSecurityProperties - 组件安全配置属性
      securityAuthenticateService - 安全认证服务
      securityAuthenticateUserService - 安全认证用户服务
      Returns:
      安全认证控制器过滤器注册Bean

    • securityFilterChain

      @Bean @ConditionalOnMissingBean @ConditionalOnProperty(prefix="codeupsoft.component.security.filter-chain", name="enabled", havingValue="true", matchIfMissing=true) public org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity, SecurityAuthenticateUserService authenticateUserService, SecurityAccessDeniedHandler securityAccessDeniedHandler, SecurityAuthenticationEntryPoint securityAuthenticationEntryPoint, SecurityLogoutSuccessHandler securityLogoutSuccessHandler, AnonymousAccessHandler anonymousAccessHandler)
      Spring Security过滤器链配置Bean.

      配置Spring Security的过滤器链,包括CSRF处理、会话管理、请求授权配置、异常处理和登出配置等. 根据配置文件中的设置动态调整安全策略,支持白名单路径配置和匿名访问路径配置.

      Parameters:
      httpSecurity - HttpSecurity对象,用于构建安全配置
      authenticateUserService - 安全认证用户服务
      securityAccessDeniedHandler - 访问被拒绝处理器
      securityAuthenticationEntryPoint - 未授权访问处理器
      securityLogoutSuccessHandler - 登出成功处理器
      anonymousAccessHandler - 匿名访问处理器
      Returns:
      配置完成的SecurityFilterChain实例