修改

fd0d5dba · jiang'yun · 14fc6c70 · fd0d5dba · fd0d5dba · fd0d5dba
Commit fd0d5dba authored Dec 04, 2025 by jiang'yun
8 changed files
--- a/src/main/java/com/zjsgfa/framework/config/SecurityConfig.java
+++ b/src/main/java/com/zjsgfa/framework/config/SecurityConfig.java
@@ -114,6 +114,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
+        System.out.println(casProperties.isCasEnable());
        if (!casProperties.isCasEnable()) {
            httpSecurity
                    // CSRF禁用，因为不使用session
@@ -146,48 +147,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                    .addFilterBefore(corsFilter, LogoutFilter.class);
        }
-        if (casProperties.isCasEnable()) {
-            httpSecurity
-                    // CSRF禁用，因为不使用session
-                    .csrf(csrf -> csrf.disable())
-                    // 禁用HTTP响应标头
-                    .headers((headersCustomizer) -> {
-                        headersCustomizer.cacheControl(cache -> cache.disable()).frameOptions(options -> options.sameOrigin());
-                    })
-                    // 认证失败处理类
-                    .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
-                    // 基于token，所以不需要session
-                    .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                    // 注解标记允许匿名访问的url
-                    .authorizeHttpRequests((requests) -> {
-                        permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
-                        // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                        requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
-                                // 静态资源，可匿名访问
-                                .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
-                                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**", "/**/**").permitAll()
-                                // 除上面外的所有请求全部需要鉴权认证
-                                .anyRequest().authenticated();
-                    });
-            //单点登录登出
-            httpSecurity.logout().permitAll().logoutSuccessHandler(logoutSuccessHandler);
-            // Custom JWT based security filter
-            httpSecurity.addFilter(casAuthenticationFilter())
-                    .addFilterBefore(authenticationTokenFilter, CasAuthenticationFilter.class)
-                    //.addFilterBefore(casLogoutFilter(), LogoutFilter.class)
-                    .addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class).exceptionHandling()
-                    //认证失败
-                    .authenticationEntryPoint(casAuthenticationEntryPoint());
-            // 添加CORS filter
-            httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
-            httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
-            // disable page caching
-            httpSecurity.headers().cacheControl();
-        }
-        //开启cas
 //        if (casProperties.isCasEnable()) {
 //            httpSecurity
 //                    // CSRF禁用，因为不使用session
@@ -196,30 +155,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 //                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
 //                    // 过滤请求
 //                    .authorizeRequests()
-//                    // 对于登录login 验证码captchaImage 允许匿名访问
-//                    //.antMatchers("/login", "/captchaImage").anonymous()
 //                    .antMatchers(
 //                            HttpMethod.GET,
 //                            "/*.html",
 //                            "/**/*.html",
 //                            "/**/*.css",
-//                            "/**/*.js"
+//                            "/**/*.js",
+//                            "/"
 //                    ).permitAll()
 //                    .antMatchers("/profile/**").anonymous()
-//                    .antMatchers("/common/download**").anonymous()
-//                    .antMatchers("/common/download/resource**").anonymous()
-//                    .antMatchers("/swagger-ui.html").anonymous()
-//                    .antMatchers("/swagger-resources/**").anonymous()
-//                    .antMatchers("/webjars/**").anonymous()
-//                    .antMatchers("/*/api-docs").anonymous()
-//                    .antMatchers("/druid/**").anonymous()
-//                    .antMatchers("/websocket/**").anonymous()
-//                    .antMatchers("/magic/web/**").anonymous()
 //                    .antMatchers("/**/**").anonymous()
+//                    .antMatchers("/").anonymous()
 //                    // 除上面外的所有请求全部需要鉴权认证
 //                    .anyRequest().authenticated()
 //                    .and()
 //                    .headers().frameOptions().disable();
+//
 //            //单点登录登出
 //            httpSecurity.logout().permitAll().logoutSuccessHandler(logoutSuccessHandler);
 //            // Custom JWT based security filter
@@ -236,6 +187,55 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 //            // disable page caching
 //            httpSecurity.headers().cacheControl();
 //        }
+        //开启cas
+        if (casProperties.isCasEnable()) {
+            httpSecurity
+                    // CSRF禁用，因为不使用session
+                    .csrf().disable()
+                    // 基于token，所以不需要session
+                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
+                    // 过滤请求
+                    .authorizeRequests()
+                    // 对于登录login 验证码captchaImage 允许匿名访问
+                    //.antMatchers("/login", "/captchaImage").anonymous()
+                    .antMatchers(
+                            HttpMethod.GET,
+                            "/*.html",
+                            "/**/*.html",
+                            "/**/*.css",
+                            "/**/*.js"
+                    ).permitAll()
+                    .antMatchers("/profile/**").anonymous()
+                    .antMatchers("/common/download**").anonymous()
+                    .antMatchers("/common/download/resource**").anonymous()
+                    .antMatchers("/swagger-ui.html").anonymous()
+                    .antMatchers("/swagger-resources/**").anonymous()
+                    .antMatchers("/webjars/**").anonymous()
+                    .antMatchers("/*/api-docs").anonymous()
+                    .antMatchers("/druid/**").anonymous()
+                    .antMatchers("/websocket/**").anonymous()
+                    .antMatchers("/magic/web/**").anonymous()
+                    // 除上面外的所有请求全部需要鉴权认证
+                    .anyRequest().authenticated()
+                    .and()
+                    .headers().frameOptions().disable();
+            //单点登录登出
+            httpSecurity.logout().permitAll().logoutSuccessHandler(logoutSuccessHandler);
+            // Custom JWT based security filter
+            httpSecurity.addFilter(casAuthenticationFilter())
+                    .addFilterBefore(authenticationTokenFilter, CasAuthenticationFilter.class)
+                    //.addFilterBefore(casLogoutFilter(), LogoutFilter.class)
+                    .addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class).exceptionHandling()
+                    //认证失败
+                    .authenticationEntryPoint(casAuthenticationEntryPoint());
+            // 添加CORS filter
+            httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
+            httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
+            // disable page caching
+            httpSecurity.headers().cacheControl();
+        }
    }
    /**

--- a/src/main/java/com/zjsgfa/framework/security/filter/JwtAuthenticationTokenFilter.java
+++ b/src/main/java/com/zjsgfa/framework/security/filter/JwtAuthenticationTokenFilter.java
@@ -31,7 +31,9 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws ServletException, IOException
    {
        LoginUser loginUser = tokenService.getLoginUser(request);
+        System.out.println("-----------------doFilterInternal"+loginUser);
        if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
        {
            tokenService.verifyToken(loginUser);

--- a/src/main/java/com/zjsgfa/framework/security/handle/CasAuthenticationSuccessHandler.java
+++ b/src/main/java/com/zjsgfa/framework/security/handle/CasAuthenticationSuccessHandler.java
@@ -46,6 +46,7 @@ public class CasAuthenticationSuccessHandler extends SavedRequestAwareAuthentica
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws ServletException, IOException {
        String targetUrlParameter = getTargetUrlParameter();
+        System.out.println("targetUrlParameter"+targetUrlParameter);
        if (isAlwaysUseDefaultTargetUrl()
                || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
            requestCache.removeRequest(request, response);

--- a/src/main/java/com/zjsgfa/framework/task/MxdyTask.java
+++ b/src/main/java/com/zjsgfa/framework/task/MxdyTask.java
@@ -24,7 +24,7 @@ public class MxdyTask {
    private MxfxjgbMapper mxfxjgbMapper;
-    public void ryParams2(Long mxid)
+    public void ryParams(Long mxid)
    {
        Mxfxjgb mxfxjgb = mxfxjgbMapper.selectMxfxjgbById(mxid);
        try {
@@ -40,7 +40,7 @@ public class MxdyTask {
            listMap.add(map2);
            map.put("content",listMap);
            map.put("value",mxfxjgb.getRwnr());
-            String url = "https://agent.ai.sinopec.com/aicoapi/gateway/v2/workflow/api_run/53f4afd436d2417180cb27d6dc0a3e17";
+            String url = "https://agent.ai.sinopec.com/aicoapi/gateway/v2/workflow/api_run/506d22a5e4e8479b879a836368002ac8";
            String key="278GANwseRJ98YbADs3G1tj7Fg40sI7d";
            Gson gson = new GsonBuilder().setPrettyPrinting().create();
            String json = gson.toJson(map);
@@ -57,7 +57,7 @@ public class MxdyTask {
            // 2. 获取内层data节点
            JsonObject innerData = outerData.getAsJsonObject("data");
            // 3. 获取"文本呈现"字段的值
-            textPresentation = innerData.get("文本呈现_6").getAsString();
+            textPresentation = innerData.get("文本呈现").getAsString();
            // 打印结果
            System.out.println("文本呈现内容：\n" + textPresentation);
@@ -70,7 +70,7 @@ public class MxdyTask {
            mxfxjgbMapper.updateMxfxjgb(mxfxjgb);
        }
    }
-    public void ryParams(Long mxid)
+    public void ryParams2(Long mxid)
    {
        Mxfxjgb mxfxjgb = mxfxjgbMapper.selectMxfxjgbById(mxid);
        try {

--- a/src/main/java/com/zjsgfa/framework/web/service/CasUserDetailsService.java
+++ b/src/main/java/com/zjsgfa/framework/web/service/CasUserDetailsService.java
@@ -34,6 +34,7 @@ public class CasUserDetailsService implements AuthenticationUserDetailsService<C
    @Override
    public UserDetails loadUserDetails(CasAssertionAuthenticationToken token) throws UsernameNotFoundException {
+        System.out.println(token);
        String username = token.getName();
        SysUser user = userService.selectUserByUserName(username);
        if (StringUtils.isNull(user)) {

--- a/src/main/java/com/zjsgfa/project/system/controller/SysIndexController.java
+++ b/src/main/java/com/zjsgfa/project/system/controller/SysIndexController.java
 package com.zjsgfa.project.system.controller;
+import com.zjsgfa.framework.aspectj.lang.annotation.Anonymous;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -22,6 +23,7 @@ public class SysIndexController
     * 访问首页，提示语
     */
    @RequestMapping("/")
+    @Anonymous
    public String index()
    {
        return StringUtils.format("欢迎使用{}后台管理框架，当前版本：v{}，请通过前端地址访问。", ruoyiConfig.getName(), ruoyiConfig.getVersion());

--- a/src/main/java/com/zjsgfa/project/zjsgfa/controller/SjDjjcController.java
+++ b/src/main/java/com/zjsgfa/project/zjsgfa/controller/SjDjjcController.java
--- a/src/main/resources/static/excel/sgfamb.docx
+++ b/src/main/resources/static/excel/sgfamb.docx