应用以下配置,我仍然从服务器获取异常
{“ timestamp”:“ 2019-10-13T17:13:41.168 + 0000”,“状态”:401,“错误”:“未经授权”,“ message”:“未经授权”,“路径”:“ /客人/替代”}
@GetMapping("/guests/alternate")
public String showAny() {
return "alternate";
}
// For pre-auth
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
@EnableJpaRepositories(basePackageClasses = UsersRepository.class)
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private CustomUserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService)
.passwordEncoder(getPasswordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers("/guests**").permitAll()
.antMatchers("**/secured/**").authenticated()
.anyRequest().permitAll()
.and()
.formLogin().permitAll();
}
[在尝试重现您的问题时,我遇到了以下AntPathMatcher文档:
**匹配路径中的零个或多个目录
您可以尝试使用.antMatchers("/guests/**").permitAll()代替.antMatchers("/guests**").permitAll()吗?我在末尾添加了一个额外的斜杠。