[英]Ignoring certain url path, Spring Security
我想禁用Spring(或我)为“ / login” URL提供的所有过滤器。 我已经编写了这段代码,但是Spring似乎忽略了这些代码行。 我究竟做错了什么?
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.cors()
.and().exceptionHandling().authenticationEntryPoint(authenticationEntryPoint)
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().authorizeRequests()
.antMatchers(HttpMethod.GET, AUTH_WHITELIST).permitAll()
.antMatchers("/admin").hasAuthority("ADMIN")
.anyRequest().authenticated()
.and().requestCache().disable()
.logout().and().rememberMe().disable()
.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/login");
}
您需要在httpSecurity中指定登录表单在哪里,请尝试类似这样的操作
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers(HttpMethod.GET, AUTH_WHITELIST).permitAll()
.antMatchers("/admin").hasAuthority("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.