在pom.xml中配置了
| <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> |
但是在程式中沒有實作 WebSecurityConfigurerAdapter, 配置通路path的授權。
| @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled=true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure( HttpSecurity httpSecurity ) throws Exception { //httpSecurity.authorizeRequests().anyRequest().permitAll(); httpSecurity.csrf().disable(); httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() .authorizeRequests() .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() .antMatchers(HttpMethod.POST).permitAll() .antMatchers(HttpMethod.PUT).permitAll() .antMatchers(HttpMethod.DELETE).permitAll() .antMatchers(HttpMethod.GET).permitAll(); httpSecurity.headers().cacheControl(); } } |
![一、Spring Security入門[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)