spring security 注解方式配置 匿名用户访问方法,如何配置?以下代码无效
以下代码无效
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.anonymous()
.authorities("ROLE_ANONYMOUS").and()
.authorizeRequests()
.antMatchers(
"/","/login**", "/webjars*", "/static*",
"/profile/register**","/user/IsRegistered**","/profile/save**","/topic/zone*//**","/topic**","/topic/getTopicList**","/topic/detail**","/topic/getOne*//**","/topic/getCommentList**","/topic/saveTopicComment**").permitAll()
.anyRequest()
.authenticated().
and().formLogin().loginPage("/login").failureUrl("/login?error").defaultSuccessUrl("/topic/zone")
.and().exceptionHandling()
.and().logout().logoutUrl("/logout").invalidateHttpSession(true).logoutSuccessUrl("/login")
.and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
// http.addFilterAfter(tokenFilter(), BasicAuthenticationFilter.class);
http.csrf().disable();
http.headers().frameOptions().sameOrigin();
}@Slf4j
@Controller("chatController")
@RequestMapping(value="/chat")
public class IndexController extends AbstractController {
@Secured( value={"ROLE_ANONYMOUS"})
@RequestMapping(value="")
public String index(Model model){
super.setUser(model);
return "chat/index";
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我这也是,怎么解决