[英]Spring webflux Security - Disable csrf with property
I have a Spring WebFlux security as follows and would like to control CSRF using property.我有一个 Spring WebFlux 安全性如下,并想使用属性控制 CSRF。 How can I add if check for the CSRF alone here?
如果在这里单独检查 CSRF,我该如何添加?
@Bean
public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
return http.authorizeExchange().matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
//.pathMatchers("/register", "/login").permitAll()
.anyExchange().authenticated()
.and().formLogin()
.securityContextRepository(securityContextRepository())
.and()
.exceptionHandling()
.accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.BAD_REQUEST))
.and().csrf().disable()
.build();
}
you just add something like:您只需添加以下内容:
// All your stuff up here then
if(!csrfEnabled) {
http.csrf().disable();
}
return http.build();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.