@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterchain(HttpSecurity httpSecurity) throws Exception {
httpSecurity.authorizeHttpRequests()
.requestMatchers(new AntPathRequestMatcher("/AddUser/**"))
.permitAll()
.anyRequest().authenticated()
.and()
.formLogin();
return httpSecurity.build();
}
我正在使用此配置类并尝试访问端点“AddUser”,但仍然要求身份验证(请参阅使用用户名和密码登录页面),但这是不应该发生的,因为此端点需要允许在没有身份验证的情况下进行访问.
需要解决这个问题
我相信您这里拥有的是 Spring Security 5.x 配置,对于 6 您可以使用例如:
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.csrf(Customizer.withDefaults())
.authorizeHttpRequests(authorize -> authorize
.anyRequest().permitAll()
)
.httpBasic(Customizer.withDefaults())
.formLogin(Customizer.withDefaults());
return http.build();
}
}