![](/img/trans.png)
[英]Spring Security annotation based configuration - form based login is bypassed
[英]Spring security redirect to login form with Java based configuration
我正在嘗試為未經身份驗證且當前具有以下配置的任何請求配置基於Java的Spring Security重定向到登錄頁面。
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity security) throws Exception {
security
.ignoring()
.antMatchers("/resources/**")
;
}
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
.formLogin()
.loginPage("/login").permitAll()
.and()
.authorizeRequests()
.anyRequest().authenticated()
;
}
}
在實現WebApplicationInitializer
的類中,我具有以下內容:
AnnotationConfigWebApplicationContext rootContext = new AnnotationConfigWebApplicationContext();
rootContext.register(SecurityConfig.class);
container.addListener(new ContextLoaderListener(rootContext));
在configure(HttpSecurity httpSecurity)
方法中設置一個斷點表明,該方法在啟動時被調用,但是沒有請求被重定向到/login
。
為有類似問題的其他人回答我自己的問題。 解決方案是添加一個新的空類,以擴展AbstractSecurityWebApplicationInitializer
,如下所示:
public class SecurityApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
// Nothing
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.