package cn.hhj.config;

//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.http.SessionCreationPolicy;
//
////由于使用了其他的安全模块，此处注释
////@Configuration
////@EnableWebSecurity
//public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        //关闭防止跨域攻击，post无需附带crf
//        http.csrf().disable();
//        // 表示所有的访问都必须认证，认证处理后才可以正常进行
//        http.httpBasic().and().authorizeRequests().anyRequest().fullyAuthenticated();
//        // 所有的rest服务一定要设置为无状态，以提升操作效率和性能
//        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//    }
//}