问Spring boot安全URL配置
EN

Stack Overflow用户

提问于 2017-10-17 22:11:53

回答 1查看 1.3K关注 0票数 0

我将根路径设置为：- server.contextPath=/myspringBootApp (在Application.propertes中)文件。

并将配置文件更改为：-

package com.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;


@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    public CustomAuthenticationEntryPoint unauthorizedHandler;

    @Autowired
    MyDaoAuthenticationProvider authProvider;

    @Bean
    public CustomAuthenticationTokenFilter authenticationTokenFilterBean() {
        return new CustomAuthenticationTokenFilter();
    }

    @Autowired
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(authProvider.authProvider());
    }

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                .csrf().disable()
                .authorizeRequests()

                // UI related urls
                .antMatchers(
                        HttpMethod.GET,
                        "/",
                        "/myspringBootApp/login",
                       "/content/**",
                        "/*.html",
                        "/favicon.ico",
                        "/**/*.html",
                        "/**/*.css",
                        "/**/*.js",
                        "/assets/**"
                ).permitAll()

                //Back end - auth layer
                .antMatchers("/auth/user").permitAll()

                //Back end - actual rest layer
                .antMatchers(HttpMethod.POST,"/auth/login").permitAll()

                .anyRequest().authenticated()
                .and()
                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler);

        httpSecurity.addFilterBefore(authenticationTokenFilterBean(),UsernamePasswordAuthenticationFilter.class)
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

}

上面的代码无法正常工作，无法加载UI。我尝试将UI更改为/myspringBootApp/folicon.ico，但这也没有得到所需的结果。

有人能帮我找到解决方案吗？

spring

spring-boot

spring-security

回答 1

Stack Overflow用户

发布于 2017-10-17 22:16:07

我认为您可以使用WebSecurityConfigurerAdapter的WebSecurity部分来实现这一点：

@Override
public void configure(final WebSecurity web) throws Exception {
    web.ignoring()
            .antMatchers("/")
            .antMatchers("/favicon.ico")
            .antMatchers("/**.css")
            .antMatchers("/webjars/**")
            ...

票数 0

页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持

原文链接：

https://stackoverflow.com/questions/46792267

复制

相似问题

问Spring boot安全URL配置
EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问Spring boot安全URL配置EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问Spring boot安全URL配置
EN