带有多个路径的Spring Security http antMatcher [英] spring security http antMatcher with multiple paths
问题描述
我有以下有效的春季安全性Java配置规则(版本3.2.4):
I have the following spring security java config rule (with version 3.2.4) which works:
http.antMatcher("/lti1p/**")
.addFilterBefore(ltioAuthProviderProcessingFilter, UsernamePasswordAuthenticationFilter.class)
.authorizeRequests().anyRequest().hasRole("LTI")
.and().csrf().disable();
但是,我想将此规则应用于2个路径("/lti1p/"和("/lti2p/").我不能只用antMatchers替换antMatcher(HttpSecurity对象不会(不允许),而当我尝试类似操作时,该规则就无法正确应用.
However, I would like to apply this rule to 2 paths ("/lti1p/" and ("/lti2p/"). I can't just replace antMatcher with antMatchers (HttpSecurity object doesn't allow it) and when I try something like this it doesn't apply the rule correctly anymore.
http
.addFilterBefore(ltioAuthProviderProcessingFilter, UsernamePasswordAuthenticationFilter.class)
.authorizeRequests()
.antMatchers("/lti1p/**","/lti2p/**").hasRole("LTI")
.and().csrf().disable();
我尝试了许多这样的变体,但没有任何运气.有谁知道使用java config将此规则应用于多个路径的正确方法?
I have tried a number of variants of this without any luck. Does anyone know the correct way to apply this rule using java config to multiple paths?
推荐答案
尝试以下方法:
http
.requestMatchers()
.antMatchers("/lti1p/**","/lti2p/**")
.and()
.addFilterBefore(ltioAuthProviderProcessingFilter, UsernamePasswordAuthenticationFilter.class)
.authorizeRequests().anyRequest().hasRole("LTI")
.and().csrf().disable();
这篇关于带有多个路径的Spring Security http antMatcher的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!