zyml/cn.com.taiji.myapp/src/main/java/cn/com/taiji/Application.java

package cn.com.taiji;

import java.io.File;
import java.io.FileInputStream;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ThreadPoolExecutor;

import javax.inject.Inject;
import javax.servlet.MultipartConfigElement;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;

import org.activiti.engine.ProcessEngine;
import org.activiti.engine.ProcessEngines;
import org.activiti.engine.RepositoryService;
import org.activiti.engine.repository.Deployment;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.Banner;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
import org.springframework.boot.autoconfigure.web.MultipartProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.core.task.SimpleAsyncTaskExecutor;
import org.springframework.core.task.TaskExecutor;
import org.springframework.http.MediaType;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.access.channel.ChannelProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
//import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.web.accept.ContentNegotiationManager;
import org.springframework.web.filter.CharacterEncodingFilter;
import org.springframework.web.multipart.support.StandardServletMultipartResolver;
import org.springframework.web.servlet.View;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.view.ContentNegotiatingViewResolver;
import org.springframework.web.servlet.view.json.MappingJackson2JsonView;
import org.thymeleaf.dialect.IDialect;
import org.thymeleaf.extras.springsecurity4.dialect.SpringSecurityDialect;
import org.thymeleaf.spring4.view.ThymeleafViewResolver;

import com.alibaba.druid.pool.DruidDataSource;
import com.alibaba.druid.support.http.StatViewServlet;
import com.alibaba.druid.support.http.WebStatFilter;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.util.ISO8601DateFormat;
import com.fasterxml.jackson.datatype.joda.JodaModule;

import cn.com.taiji.safety.RefererFilter;
import cn.com.taiji.safety.permission.PermissionFilter;
import cn.com.taiji.safety.xss.XssFilter;
import cn.com.taiji.security.MyAuthenticationProvider;
import cn.com.taiji.security.MyFailureHandler;
import cn.com.taiji.security.MyFilterSecurityInterceptor;
import cn.com.taiji.security.MySecurityMetadataSource;
import cn.com.taiji.security.MySuccessHandler;
import cn.com.taiji.security.MyUserDetailServiceImpl;
import cn.com.taiji.security.MyUsernamePasswordAuthenticationFilter;
import cn.com.taiji.sys.json.SysModule;
import cn.com.taiji.sys.service.LoadingCacheService;
import cn.com.taiji.sys.service.MenuService;
import cn.com.taiji.sys.service.RoleService;
import cn.com.taiji.sys.service.UserService;

@EnableTransactionManagement // 开始事务管理配置
@SpringBootApplication
//@EnableRedisHttpSession
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
@AutoConfigureAfter(JacksonAutoConfiguration.class)
@EnableAutoConfiguration(exclude = { org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration.class,
		org.activiti.spring.boot.SecurityAutoConfiguration.class,
		org.springframework.boot.actuate.autoconfigure.ManagementWebSecurityAutoConfiguration.class })

/**
 * 
 * @ClassName: Application
 * @Description: 工程配置类
 * @author lijiezhi_pc
 * @date 2017年11月22日 下午3:45:29
 *
 */
public class Application extends WebMvcConfigurerAdapter implements CommandLineRunner {
	/*
	 * Caused by: org.springframework.beans.factory.NoUniqueBeanDefinitionException:
	 * No qualifying bean of type [org.springframework.core.task.TaskExecutor] is
	 * defined: expected single matching bean but found 4:
	 * clientInboundChannelExecutor, clientOutboundChannelExecutor,
	 * brokerChannelExecutor, messageBrokerTaskScheduler 解决springboot 集成websocket报错
	 */
	@Bean
	public TaskExecutor taskExecutor() {
		return new SimpleAsyncTaskExecutor();
	}

	static {
		System.setProperty("jasypt.encryptor.password", "123456");
	}


	@Override
	public void run(String... strings) throws Exception {
//		String basePath = "/Users/hujie/Documents/dev/git-repo/taiji/tianjin-cgw/zyml/cn.com.taiji.system/src/main/resources/static/diagrams";
////		1、创建ProcessEngine
//		ProcessEngine processEngine = ProcessEngines.getDefaultProcessEngine();
////        2、得到RepositoryService实例
//		RepositoryService repositoryService = processEngine.getRepositoryService();
////        3、使用RepositoryService进行部署
//		Deployment deployment = repositoryService.createDeployment()
//				.addInputStream("dataPreparation.bpmn", new FileInputStream(new File(basePath + "/dataPreparation.bpmn")))
//				.addInputStream("dataPreparation.png", new FileInputStream(new File(basePath + "/dataPreparation.png")))
//				.name("dataPreparation")
//				.deploy();
//		deployment = repositoryService.createDeployment()
//				.addInputStream("fwSq.bpmn", new FileInputStream(new File(basePath + "/fwSq.bpmn")))
//				.addInputStream("fwSq.png", new FileInputStream(new File(basePath + "/fwSq.png")))
//				.name("服务申请")
//				.deploy();
//		deployment = repositoryService.createDeployment()
//				.addInputStream("fwZc.bpmn", new FileInputStream(new File(basePath + "/fwZc.bpmn")))
//				.addInputStream("fwZc.png", new FileInputStream(new File(basePath + "/fwZc.png")))
//				.name("服务注册")
//				.deploy();
//		deployment = repositoryService.createDeployment()
//				.addInputStream("infoClassZc.bpmn", new FileInputStream(new File(basePath + "/infoClassZc.bpmn")))
//				.addInputStream("infoClassZc.png", new FileInputStream(new File(basePath + "/infoClassZc.png")))
//				.name("信息类注册")
//				.deploy();
//		deployment = repositoryService.createDeployment()
//				.addInputStream("requireInfo.bpmn", new FileInputStream(new File(basePath + "/requireInfo.bpmn")))
//				.addInputStream("requireInfo.png", new FileInputStream(new File(basePath + "/requireInfo.png")))
//				.name("requireInfo")
//				.deploy();
//		deployment = repositoryService.createDeployment()
//				.addInputStream("shareApply.bpmn", new FileInputStream(new File(basePath + "/shareApply.bpmn")))
//				.addInputStream("shareApply.png", new FileInputStream(new File(basePath + "/shareApply.png")))
//				.name("信息类共享")
//				.deploy();
	}

	@Bean
	public ThreadPoolTaskExecutor threadPoolTaskExecutor() {
		ThreadPoolTaskExecutor executor = new ThreadPoolTaskExecutor();
		executor.setCorePoolSize(20);
		executor.setMaxPoolSize(100);
		executor.setQueueCapacity(8);
		executor.setRejectedExecutionHandler(new ThreadPoolExecutor.CallerRunsPolicy()); // 对拒绝task的处理策略
		executor.setKeepAliveSeconds(60);
		executor.initialize();
		return executor;
	}

	@Bean
	public MappingJackson2HttpMessageConverter mappingJackson2HttpMessageConverter() {
		MappingJackson2HttpMessageConverter reg = new MappingJackson2HttpMessageConverter();
		List<MediaType> supportedMediaTypes = new ArrayList<MediaType>();
		supportedMediaTypes.add(MediaType.APPLICATION_JSON_UTF8);
		supportedMediaTypes.add(MediaType.APPLICATION_FORM_URLENCODED);
		supportedMediaTypes.add(MediaType.APPLICATION_XHTML_XML);
		supportedMediaTypes.add(MediaType.TEXT_PLAIN);
		reg.setSupportedMediaTypes(supportedMediaTypes);
		return reg;
	}

	@Bean
	public ServletRegistrationBean druidServlet() {
		ServletRegistrationBean reg = new ServletRegistrationBean();
		reg.setServlet(new StatViewServlet());
		reg.addUrlMappings("/druid/*");
		reg.addInitParameter("loginUsername", "admin");
		reg.addInitParameter("loginPassword", "Huawei@123");
		return reg;
	}

	@Bean
	@Primary
	public DataSource druidDataSource(@Value("${spring.datasource.driverClassName}") String driver,
			@Value("${spring.datasource.url}") String url, @Value("${spring.datasource.username}") String username,
			@Value("${spring.datasource.password}") String password) {
		DruidDataSource druidDataSource = new DruidDataSource();
		druidDataSource.setDriverClassName(driver);
		druidDataSource.setUrl(url);
		druidDataSource.setDbType("postgresql");
		druidDataSource.setUsername(username);
		druidDataSource.setPassword(password);
		druidDataSource.setInitialSize(10);
		druidDataSource.setMinIdle(5);
		druidDataSource.setMaxActive(800);
		druidDataSource.setMaxWait(60000);// 4秒
		druidDataSource.setKeepAlive(true);
		druidDataSource.setTimeBetweenEvictionRunsMillis(60000);
		druidDataSource.setMinEvictableIdleTimeMillis(300000);
		druidDataSource.setValidationQuery("select 1 ");
		druidDataSource.setTestWhileIdle(true);
		druidDataSource.setTestOnBorrow(true);
		druidDataSource.setRemoveAbandoned(true);
		druidDataSource.setRemoveAbandonedTimeout(1800);
		druidDataSource.setLogAbandoned(true);
		druidDataSource.setTestOnReturn(true);
		druidDataSource.setPoolPreparedStatements(true);
		druidDataSource.setMaxPoolPreparedStatementPerConnectionSize(20);
		try {
			druidDataSource.setFilters("stat, wall");
		} catch (SQLException e) {
			e.printStackTrace();
		}
		return druidDataSource;
	}

//	@Bean(name = "secondaryDataSource")
//    @Qualifier("secondaryDataSource")
//    public DataSource secondaryDataSource(@Value("${spring.datasource2.driverClassName}") String driver,
//                                      @Value("${spring.datasource2.url}") String url,
//                                      @Value("${spring.datasource2.username}") String username,
//                                      @Value("${spring.datasource2.password}") String password) {
//        DruidDataSource druidDataSource = new DruidDataSource();
//        druidDataSource.setDriverClassName(driver);
//        druidDataSource.setUrl(url);
//        druidDataSource.setUsername(username);
//        druidDataSource.setPassword(password);
//        druidDataSource.setInitialSize(100);
//        druidDataSource.setMinIdle(10);
//        druidDataSource.setMaxActive(400);
//        druidDataSource.setMaxWait(6000);
//        druidDataSource.setTimeBetweenEvictionRunsMillis(60000);
//        druidDataSource.setMinEvictableIdleTimeMillis(300000);
//        druidDataSource.setValidationQuery(" select 1 from dual");
//        druidDataSource.setTestWhileIdle(true);
//        druidDataSource.setTestOnBorrow(true);
//        druidDataSource.setRemoveAbandoned(true);
//        druidDataSource.setRemoveAbandonedTimeout(18000);
//        druidDataSource.setLogAbandoned(true);
//        druidDataSource.setTestOnReturn(false);
//        druidDataSource.setPoolPreparedStatements(true);
//        druidDataSource.setMaxPoolPreparedStatementPerConnectionSize(20);
//        try {
//            druidDataSource.setFilters("stat, wall");
//        } catch (SQLException e) {
//            e.printStackTrace();
//        }
//        return druidDataSource;
//    }
	@Bean
	public SessionRegistry sessionRegistry() {
		SessionRegistry sessionRegistry = new SessionRegistryImpl();
		return sessionRegistry;
	}

	@Bean
	public MySessionControlStrategy concurrentSessionControlStrategy() {
		MySessionControlStrategy concurrentSessionControlStrategy = new MySessionControlStrategy(sessionRegistry());
		return concurrentSessionControlStrategy;
	}

	@Bean
	public FilterRegistrationBean filterRegistrationBean() {
		FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
		filterRegistrationBean.setFilter(new WebStatFilter());
		filterRegistrationBean.addUrlPatterns("/*");
		filterRegistrationBean.addInitParameter("exclusions", "*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*");
		return filterRegistrationBean;
	}

	@Bean
	public FilterRegistrationBean encodeRegistrationBean() {
		CharacterEncodingFilter encodeFilter = new CharacterEncodingFilter();
		encodeFilter.setEncoding("UTF-8");
		encodeFilter.setForceEncoding(true);
		FilterRegistrationBean registrationBean = new FilterRegistrationBean();
		registrationBean.setFilter(encodeFilter);
		registrationBean.setOrder(Ordered.LOWEST_PRECEDENCE);
		return registrationBean;
	}

	public static void main(String[] args) {
		SpringApplication app = new SpringApplication(Application.class);
		app.setBannerMode(Banner.Mode.OFF);
		app.run(args);
	}

	@Bean
	public ObjectMapper jacksonObjectMapper() {
		return new ObjectMapper().registerModule(new JodaModule()).disable(SerializationFeature.FAIL_ON_EMPTY_BEANS)
				.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false)
				.configure(SerializationFeature.INDENT_OUTPUT, true).setDateFormat(new ISO8601DateFormat())
				.registerModule(new SysModule());

	}

	@Bean
	public MappingJackson2JsonView mappingJackson2JsonView() {
		MappingJackson2JsonView v = new org.springframework.web.servlet.view.json.MappingJackson2JsonView();
		v.setObjectMapper(jacksonObjectMapper());
		v.setPrettyPrint(true);
		return v;
	}

	protected class MappingJackson2JsonpView extends MappingJackson2JsonView {
		public static final String DEFAULT_CONTENT_TYPE = "application/javascript";

		@Override
		public String getContentType() {
			return DEFAULT_CONTENT_TYPE;
		}

		@Override
		public void render(Map<String, ?> model, HttpServletRequest request, HttpServletResponse response)
				throws Exception {
			Map<String, String[]> params = request.getParameterMap();
			if (params.containsKey("callback")) {
				response.getOutputStream().write(new String(params.get("callback")[0] + "(").getBytes());
				super.render(model, request, response);
				response.getOutputStream().write(new String(");").getBytes());
				response.setContentType(DEFAULT_CONTENT_TYPE);
			} else {
				super.render(model, request, response);
			}
		}
	}

	@Bean
	public MappingJackson2JsonpView mappingJackson2JsonpView() {
		MappingJackson2JsonpView v = new MappingJackson2JsonpView();
		v.setObjectMapper(jacksonObjectMapper());
		v.setPrettyPrint(false);
		return v;
	}

	@Autowired
	ThymeleafViewResolver thymeleafViewResolver;

	@Override
	public void configureContentNegotiation(ContentNegotiationConfigurer configurer) {
		configurer.favorParameter(true).ignoreAcceptHeader(false).defaultContentType(MediaType.TEXT_HTML)
				.mediaType("json", MediaType.APPLICATION_JSON)
				.mediaType("jsonp", MediaType.valueOf("application/javascript"));
	}

	@Bean
	public ViewResolver contentNegotiatingViewResolver(ContentNegotiationManager manager) {
		List<ViewResolver> resolvers = new ArrayList<ViewResolver>();

		thymeleafViewResolver.setCache(false);
		// thymeleafViewResolver.setOrder(1);
		resolvers.add(thymeleafViewResolver);

		// InternalResourceViewResolver r2 = new InternalResourceViewResolver();
		// r2.setPrefix("templates");
		// r2.setSuffix(".jsp");
		// resolvers.add(r2);

		ContentNegotiatingViewResolver resolver = new ContentNegotiatingViewResolver();
		resolver.setViewResolvers(resolvers);
		resolver.setContentNegotiationManager(manager);

		List<View> views = new ArrayList<View>();
		views.add(mappingJackson2JsonView());
		views.add(mappingJackson2JsonpView());
		resolver.setDefaultViews(views);
		return resolver;
	}

	// see
	// org.springframework.boot.autoconfigure.thymeleaf.ThymeleafAutoConfiguration.ThymeleafDefaultConfiguration

	@Bean
	public Collection<IDialect> dialects() {
		Collection<IDialect> dialects = new HashSet<IDialect>();
		dialects.add(new SpringSecurityDialect());

		return dialects;
	}

	public void addViewControllers(ViewControllerRegistry registry) {
		registry.addViewController("/zcgllogin").setViewName("login");

	}

	@Order(Ordered.HIGHEST_PRECEDENCE)
	@Configuration
	protected static class AuthenticationSecurity extends GlobalAuthenticationConfigurerAdapter {

		// @Value("${spring.datasource.url}")
		// private String url;

		// @Autowired
		// private JdbcTemplate jt;
		//
		@Autowired
		private DataSource dataSource;
		@Autowired
		private SessionRegistry sessionRegistry;

		@Bean
		public ShaPasswordEncoder passwordEncoder() {
			// return new BCryptPasswordEncoder();
			return new ShaPasswordEncoder(1);
		}

		// @Autowired
		// public TaijiAuthenticationProvider customAuthenticationProvider;
		@Inject
		public MyUserDetailServiceImpl userDetailsService;

		@Override
		public void init(AuthenticationManagerBuilder auth) throws Exception {
			auth.userDetailsService(userDetailsService);
			// auth.authenticationProvider(customAuthenticationProvider);
			// @formatter:off
			// auth.jdbcAuthentication()
			// .dataSource(dataSource)
			// .passwordEncoder(passwordEncoder())
			// .groupAuthoritiesByUsername(
			// "select g.code, g.name, ga.role_code from user_group g, user_account_group
			// gm, user_group_role ga where gm.user_code = ? and g.code = ga.group_code and
			// g.code = gm.group_code and g.enabled = true")
			// .authoritiesByUsernameQuery(
			// "select x.user_code, x.role_code from user_account_role x, user_role r where
			// x.role_code=r.code and r.enabled = true and x.user_code=?")
			// .usersByUsernameQuery(
			// "select code, password, enabled from user_account where code=? and enabled =
			// true");
			// @formatter:off
			// auth.inMemoryAuthentication().withUser("admin").password("admin")
			// .roles("ADMIN", "USER").and().withUser("user")
			// .password("user").roles("USER");
			// @formatter:on
		}
	}

	@Autowired
	private MultipartProperties multipartProperties = new MultipartProperties();

	@Bean
	@ConditionalOnMissingBean
	public MultipartConfigElement multipartConfigElement() {
		this.multipartProperties.setMaxFileSize("-1");
		this.multipartProperties.setMaxRequestSize("-1");
		return this.multipartProperties.createMultipartConfig();
	}

	@Bean
	@ConditionalOnMissingBean
	public StandardServletMultipartResolver multipartResolver() {
		return new StandardServletMultipartResolver();
	}

	@Order(Ordered.LOWEST_PRECEDENCE - 8)
	protected static class ApplicationSecurity extends WebSecurityConfigurerAdapter {

		@Autowired
		private LoadingCacheService loadingCacheService;

		@Autowired
		private UserService userService;
		@Autowired
		private MySessionControlStrategy concurrentSessionControlStrategy;
		@Value("${pwd.invaliddays}")
		public int invaliddays;
		@Value("${pwd.invalid}")
		public boolean invalid;
		@Value("${concurrency.control}")
		public boolean concurrencyControl;
		@Value("${concurrency.limit}")
		public int concurrencyLimit;
		@Value("${concurrency.priority}")
		public int concurrencyPriority;
		@Value("${concurrency.hour_start}")
		public int concurrencyHourStart;
		@Value("${concurrency.hour_end}")
		public int concurrencyHourEnd;
		@Inject
		SessionRegistryImpl sessionRegistryImpl;

		@Bean
		public MyUsernamePasswordAuthenticationFilter loginFilter() throws Exception {
			MyUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter = new MyUsernamePasswordAuthenticationFilter();
			customUsernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(customSuccessHandler());
			customUsernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(customFailureHandler());
			customUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
			customUsernamePasswordAuthenticationFilter.setLoadingCacheService(loadingCacheService);
			customUsernamePasswordAuthenticationFilter.setInvalid(invalid);
			customUsernamePasswordAuthenticationFilter.setSessionRegistryImpl(sessionRegistryImpl);
			customUsernamePasswordAuthenticationFilter.setInvaliddays(invaliddays);
			customUsernamePasswordAuthenticationFilter.setConcurrencyControl(concurrencyControl);
			customUsernamePasswordAuthenticationFilter.setConcurrencyLimit(concurrencyLimit);
			customUsernamePasswordAuthenticationFilter.setConcurrencyPriority(concurrencyPriority);
			customUsernamePasswordAuthenticationFilter.setConcurrencyHourStart(concurrencyHourStart);
			customUsernamePasswordAuthenticationFilter.setConcurrencyHourEnd(concurrencyHourEnd);
			customUsernamePasswordAuthenticationFilter
					.setSessionAuthenticationStrategy(concurrentSessionControlStrategy);
			customUsernamePasswordAuthenticationFilter.setUserService(userService);
			customUsernamePasswordAuthenticationFilter.setFilterProcessesUrl("/login");
			customUsernamePasswordAuthenticationFilter.setAllowEmptyValidateCode(true);
			return customUsernamePasswordAuthenticationFilter;
		}

		@Bean
		public MyFailureHandler customFailureHandler() {
			MyFailureHandler customFailureHandler = new MyFailureHandler();
			customFailureHandler.setDefaultFailureUrl("/zcgllogin");
			return customFailureHandler;
		}

		@Bean
		public MySuccessHandler customSuccessHandler() {
			MySuccessHandler customSuccessHandler = new MySuccessHandler();
			customSuccessHandler.setDefaultTargetUrl("/dbdc/sysframe");
			return customSuccessHandler;
		}

		@Bean
		@Override
		public AuthenticationManager authenticationManagerBean() throws Exception {
			List<AuthenticationProvider> authenticationProviderList = new ArrayList<AuthenticationProvider>();
			authenticationProviderList.add(customAuthenticationProvider());
			AuthenticationManager authenticationManager = new ProviderManager(authenticationProviderList);
			return authenticationManager;
		}

		@Autowired
		public MyUserDetailServiceImpl userDetailsService;

		@Bean
		private MyAuthenticationProvider customAuthenticationProvider() {
			MyAuthenticationProvider customAuthenticationProvider = new MyAuthenticationProvider();
			customAuthenticationProvider.setUserDetailsService(userDetailsService);
			return customAuthenticationProvider;
		}

		@Autowired
		private MenuService menuService;
		@Autowired
		private RoleService roleService;
		@Autowired
		private SessionRegistry sessionRegistry;

		@Bean
		private MySecurityMetadataSource fisMetadataSource() {
			MySecurityMetadataSource fisMetadataSource = new MySecurityMetadataSource();
			fisMetadataSource.setMenuService(menuService);
			fisMetadataSource.setRoleService(roleService);
			return fisMetadataSource;
		}

		@Autowired
		private cn.com.taiji.security.MyAccessDecisionManager accessDecisionManager;

		@Bean
		public MyFilterSecurityInterceptor taijifiltersecurityinterceptor() throws Exception {
			MyFilterSecurityInterceptor taijifiltersecurityinterceptor = new MyFilterSecurityInterceptor();
			taijifiltersecurityinterceptor.setFisMetadataSource(fisMetadataSource());
			taijifiltersecurityinterceptor.setAccessDecisionManager(accessDecisionManager);
			taijifiltersecurityinterceptor.setAuthenticationManager(authenticationManagerBean());
			return taijifiltersecurityinterceptor;
		}

		@Override
		protected void configure(HttpSecurity http) throws Exception {
			// @formatter:off
			  http
			 .sessionManagement()
	            .sessionAuthenticationStrategy(concurrentSessionControlStrategy)
	            .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
	            .sessionFixation().changeSessionId()
	            .maximumSessions(1)
	            .maxSessionsPreventsLogin(true)
	            .expiredUrl("/dbdc/sysquit")
	            .sessionRegistry(sessionRegistry);
			http.authorizeRequests()

					.filterSecurityInterceptorOncePerRequest(true)// 过滤器的安全拦截器的每一次的要求
					.antMatchers("/image").permitAll() // for login
					.antMatchers("/dbdc/caslogin").permitAll().antMatchers("/dbdc/tjcaslogin").permitAll()
					.antMatchers("/dbdc/tjcaslogin").permitAll()
					.antMatchers("/dbdc/synchronizeInfo").permitAll().antMatchers("/monitor/isalive").permitAll()
					.antMatchers("/zcgllogin").permitAll().antMatchers("/dbdc_theme/**").permitAll()
					.antMatchers("/layuiadmin/**").permitAll().antMatchers("/layer/**").permitAll()
					.antMatchers("/api/**").permitAll().antMatchers("/echarts/**").permitAll()
					.antMatchers("/ueditor/**").permitAll().antMatchers("/uploadfile/**").permitAll()
					.antMatchers("/websocket-logger-js/**").permitAll().antMatchers("/soap/*").permitAll().anyRequest()
					.fullyAuthenticated()// .accessDecisionManager(accessDecisionManager) // all others need login
					.and().formLogin().loginPage("/zcgllogin").failureUrl("/zcgllogin?error")
					// login config
					.and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
					.and().exceptionHandling().accessDeniedPage("/logout"); // exception
			http.csrf().disable().addFilterAfter(new PermissionFilter(), ChannelProcessingFilter.class)
			.addFilterAfter(new XssFilter(), ChannelProcessingFilter.class)
			// 增加PermissionFilter
					.addFilterAfter(new RefererFilter(), ChannelProcessingFilter.class).addFilter(loginFilter())
					.rememberMe();
			http.headers().frameOptions().disable();
			// @formatter:on
		}

		@Override
		public void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
			authManagerBuilder.userDetailsService(userDetailsService);
		}

	}

}