~chenjiahe/hx_common.git

			@@ -141,6 +141,12 @@
			<artifactId>jstl</artifactId>
			</dependency>

			<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-tomcat</artifactId>
			<!--<scope>provided</scope>-->
			</dependency>

			<!-- mybatis自动生成 -->
			<dependency>
			<groupId>com.gitee.sunchenbin.mybatis.actable</groupId>

New file
			@@ -0,0 +1,39 @@
			package com.hx.security.request;

			import org.apache.tomcat.util.descriptor.web.SecurityCollection;
			import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
			import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
			import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
			import org.springframework.context.annotation.Bean;
			import org.springframework.context.annotation.Configuration;

			/*设置限制请求/
			@Configuration
			public class RequestRestriction {

			@Bean
			public ConfigurableServletWebServerFactory configurableServletWebServerFactory() {
			TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
			factory.addContextCustomizers(context -> {
			SecurityConstraint securityConstraint = new SecurityConstraint();
			securityConstraint.setUserConstraint("CONFIDENTIAL");
			SecurityCollection collection = new SecurityCollection();
			//设置不安全请求不能通过
			collection.addPattern("/*");
			collection.addMethod("HEAD");
			collection.addMethod("PUT");
			collection.addMethod("DELETE");
			collection.addMethod("OPTIONS");
			collection.addMethod("TRACE");
			collection.addMethod("COPY");
			collection.addMethod("SEARCH");
			collection.addMethod("PROPFIND");
			//collection.addMethod("PATCH");
			securityConstraint.addCollection(collection);
			context.addConstraint(securityConstraint);
			});
			return factory;
			}


			}

	pom.xml	6 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/hx/security/request/RequestRestriction.java	39 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史