From 09dfb25d735d26e08b81307515ec32708016da33 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90li?=
 <15040126243@163.com>
Date: Tue, 7 Dec 2021 12:20:21 +0800
Subject: [PATCH] =?UTF-8?q?update=20=E4=BF=AE=E6=94=B9=20=E5=81=A5?=
 =?UTF-8?q?=E5=BA=B7=E6=A3=80=E6=9F=A5=E6=9D=83=E9=99=90=20=E6=94=B9?=
 =?UTF-8?q?=E4=B8=BA=E7=94=A8=E6=88=B7=E6=94=BE=E8=A1=8C=20=E6=8F=90?=
 =?UTF-8?q?=E9=AB=98=E5=AE=89=E5=85=A8=E6=80=A7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ruoyi-admin/src/main/resources/application.yml              | 4 ++--
 .../java/com/ruoyi/monitor/admin/config/SecurityConfig.java | 6 ++----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index f7ef6339..abaf6d61 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -120,11 +120,11 @@ security:
     - /*/api-docs
     # druid 监控配置
     - /druid/**
+  # 用户放行
+  permit-all:
     # actuator 监控配置
     - /actuator
     - /actuator/**
-  # 用户放行
-  permit-all:
 
 # 重复提交
 repeat-submit:
diff --git a/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java b/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java
index 7335e2f2..04a0fdef 100644
--- a/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java
+++ b/ruoyi-extend/ruoyi-monitor-admin/src/main/java/com/ruoyi/monitor/admin/config/SecurityConfig.java
@@ -2,7 +2,6 @@ package com.ruoyi.monitor.admin.config;
 
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -15,7 +14,6 @@ import org.springframework.security.web.authentication.SavedRequestAwareAuthenti
  */
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true)
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	private final String adminContextPath;
@@ -34,8 +32,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 			//授予对所有静态资产和登录页面的公共访问权限。
 			.antMatchers(adminContextPath + "/assets/**").permitAll()
 			.antMatchers(adminContextPath + "/login").permitAll()
-            .antMatchers("/actuator").anonymous()
-            .antMatchers("/actuator/**").anonymous()
+            .antMatchers("/actuator").permitAll()
+            .antMatchers("/actuator/**").permitAll()
 			//必须对每个其他请求进行身份验证
 			.anyRequest().authenticated().and()
 			//配置登录和注销