我正在尝试实现 SecurityfilerChain,许多方法已被废弃,例如 cors()、and()、authorizeHttpRequests() 和 formLogin()。我迷失了,我不知道如何修复我的代码
这是我的代码
@豆豆 公共SecurityFilterChain securityFilterChain(HttpSecurity http)抛出异常{ 返回http.cors().and() .csrf().disable() .authorizeHttpRequests() .requestMatchers("/注册") .permitAll().and().authorizeHttpRequests() .requestMatchers(“/用户”) .hasAnyAuthority("用户","管理员") .and().formLogin().and().build(); }
而不是
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http.cors().and() .csrf().disable() .authorizeHttpRequests()
.requestMatchers("/register")
.permitAll().and().authorizeHttpRequests() .requestMatchers("/users")
.hasAnyAuthority("USER","ADMIN") .and().formLogin().and().build();
}
您现在可以使用:
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http
.cors(AbstractHttpConfigurer::disable)
.csrf(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(auth -> auth.requestMatchers("/register")
.permitAll())
.authorizeHttpRequests(auth -> auth.requestMatchers("/users")
.hasAnyAuthority("USER", "ADMIN"))
.formLogin(Customizer.withDefaults())
.build();
}