仅对一页应用弹簧安全性 [英] Apply spring security only to one page
本文介绍了仅对一页应用弹簧安全性的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个典型的安全配置:
I have a typical security configuration:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/index").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
//http.authorizeRequests().antMatchers("/resources/**").permitAll().anyRequest().permitAll();
}
现在 spring 要求登录除登录页面之外的所有内容......但是我怎么能以另一种方式登录,所以它只要求视图/索引的登录页面?仅适用于一组端点?谢谢!
Now spring is asking for a login for everything except of the login page... But how could I make it the other way, so it asks for login page ONLY for the view /index? Od only for a group of endpoints? Thanks!
推荐答案
试试这个:
http
.authorizeRequests()
.antMatchers("/", "/index").authenticated()//Makes / and /index to be authenthicated
.anyRequest().permitAll()//Makes any other allow without authentication. Or if you want a group use antMatchers here too.
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
这篇关于仅对一页应用弹簧安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文