Spring Security AuthorizationFilter代替FilterSecurityInterceptor重大变更逻辑

一.概述

最新的spring security的访问控制推荐使用

Authorize HttpServletRequests with AuthorizationFilter :: Spring Security

官方描述如下，建议使用AuthorizationFilter替换FilterSecurityInterceptor

 二.注意点

使用FilterSecurityInterceptor

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
	http
		// ...
		.authorizeRequests(authorize -> authorize                                  
			.mvcMatchers("/resources/**", "/signup", "/about").permitAll()         
			.mvcMatchers("/admin/**").hasRole("ADMIN")                             
			.mvcMatcher