From e703d415ff36584518a76d4d26363bfd1556b43b Mon Sep 17 00:00:00 2001
From: xiaoyong931011 <15274802129@163.com>
Date: Tue, 05 Jul 2022 12:01:35 +0800
Subject: [PATCH] Merge branch 'master' of http://120.27.238.55:7000/r/farmer-cms

---
 src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java b/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
index 9456823..0f63511 100644
--- a/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
+++ b/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
@@ -1,6 +1,8 @@
 package com.xcong.farmer.cms.configurations.security;
 
+import com.xcong.farmer.cms.configurations.WebMvcConfig;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -22,6 +24,7 @@
  * @date 2020-05-11
  **/
 @Slf4j
+@AutoConfigureAfter(WebMvcConfig.class)
 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
@@ -29,6 +32,7 @@
 
     @Resource
     private UserDetailsService userDetailsService;
+
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
@@ -39,12 +43,16 @@
                 .authorizeRequests()
                 .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                 .antMatchers("/login").permitAll()
+                .antMatchers("/cms/**").permitAll()
+                .antMatchers("/html").permitAll()
                 .antMatchers("/swagger**/**").permitAll()
                 .antMatchers("/webjars/**").permitAll()
                 .antMatchers("/v2/**").permitAll()
                 .antMatchers("/api/common/login").permitAll()
+                .antMatchers("/api/common/captcha").permitAll()
                 .antMatchers("/api/common/doUpload").permitAll()
                 .antMatchers("/api/common/uploadFile").permitAll()
+                .antMatchers("/api/messageBoard/addMessage").permitAll()
                 .antMatchers("/image/**").permitAll()
                 .anyRequest().authenticated()
                 .and().apply(securityConfiguereAdapter());

--
Gitblit v1.9.1