[英]how to permit certain entities api to all users in jhipster
I am using jhipster 4.6.2 and Angular 1+ 我正在使用jhipster 4.6.2和Angular 1+
I want this questions entity to be permitted to all users.After searching in the internet, i came to know that adding the below lines in SecurityConfiguration.java. 我希望这个问题实体允许所有用户使用。在Internet中搜索之后,我知道在SecurityConfiguration.java中添加以下几行。 But after adding these lines, API's are hit in the backend.
但是添加这些行之后,API就会在后端被击中。 But getting this error in the logs.
但是在日志中出现此错误。
org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'username' cannot be found on object of type 'java.lang.String' - maybe not public? org.springframework.expression.spel.SpelEvaluationException:EL1008E:在“ java.lang.String”类型的对象上找不到属性或字段“用户名”-也许不是公共的?
.antMatchers("/api/**").permitAll()
.antMatchers("/api/questions").permitAll()
.antMatchers("/api/questions/id").permitAll()
how can i achieve this? 我怎样才能做到这一点? I want few more entites to be permitted to all users without login.
我希望在没有登录的情况下允许更多用户访问所有用户。
As explained in Spring Security documentation : Each matcher is considered in the order they were declared. 如Spring Security文档中所述 :每个匹配器均按声明顺序进行考虑。 Also you should keep authenticated requirement or /api/**
另外,您应该保留经过身份验证的要求或/ api / **
Try this: 尝试这个:
.antMatchers("/api/questions").permitAll()
.antMatchers("/api/questions/id").permitAll()
.antMatchers("/api/**")..authenticated()
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.