From 97c9d4b8d9ff5a33b7ca3985e8d620a76255971a Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Mon, 08 Jun 2020 10:54:44 +0800
Subject: [PATCH] modify

---
 src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java |    4 +++-
 src/main/java/com/xcong/excoin/configurations/security/CustomAccessDeniedHandler.java      |    2 +-
 src/main/java/com/xcong/excoin/configurations/security/WebSecurityConfig.java              |    3 +++
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/xcong/excoin/configurations/security/CustomAccessDeniedHandler.java b/src/main/java/com/xcong/excoin/configurations/security/CustomAccessDeniedHandler.java
index d0bf50e..34f840f 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/CustomAccessDeniedHandler.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/CustomAccessDeniedHandler.java
@@ -19,7 +19,7 @@
 public class CustomAccessDeniedHandler implements AccessDeniedHandler {
     @Override
     public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
-        Result result = Result.loginFail("fail");
+        Result result = Result.loginFail("Forbidden");
         httpServletResponse.getWriter().write(new ObjectMapper().writeValueAsString(result));
         httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
     }
diff --git a/src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java b/src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java
index a28ffb8..7f8444c 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java
@@ -6,6 +6,7 @@
 import org.springframework.security.web.AuthenticationEntryPoint;
 
 import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -18,9 +19,10 @@
 
     @Override
     public void commence(HttpServletRequest httpServletRequest, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
-        Result result = Result.loginFail("fail");
+        Result result = Result.loginFail("Unauthorized");
         response.setCharacterEncoding("UTF-8");
         response.setContentType("application/json; charset=utf-8");
         response.getWriter().write(new ObjectMapper().writeValueAsString(result));
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
     }
 }
diff --git a/src/main/java/com/xcong/excoin/configurations/security/WebSecurityConfig.java b/src/main/java/com/xcong/excoin/configurations/security/WebSecurityConfig.java
index 3489e2c..8a1edd2 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/WebSecurityConfig.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/WebSecurityConfig.java
@@ -43,6 +43,9 @@
                 .antMatchers("/swagger**/**").permitAll()
                 .antMatchers("/webjars/**").permitAll()
                 .antMatchers("/v2/**").permitAll()
+                .antMatchers("/api/symbols/**").permitAll()
+                .antMatchers("/common/**").permitAll()
+                .antMatchers("/api/exchange/**").permitAll()
                 .anyRequest().authenticated()
                 .and().apply(securityConfiguereAdapter());
     }

--
Gitblit v1.9.1