我有一个典型的安全配置:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/index").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
//http.authorizeRequests().antMatchers("/resources/**").permitAll().anyRequest().permitAll();
}
现在spring正在要求除登录页面以外的所有内容进行登录...但是我怎么能做到这一点,所以它仅针对视图/ index要求登录页面? od仅适用于一组端点吗?谢谢!
尝试一下:
http
.authorizeRequests()
.antMatchers("/", "/index").authenticated()//Makes / and /index to be authenthicated
.anyRequest().permitAll()//Makes any other allow without authentication. Or if you want a group use antMatchers here too.
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();