Spring security permit all 不适用于多个 url

Posted

技术标签:

【中文标题】Spring security permit all 不适用于多个 url【英文标题】:Spring security permit all is not working for multiple urls 【发布时间】:2020-10-09 11:53:50 【问题描述】:

我正在尝试将 permit all 授予多个 url,但我得到 403。当我禁用 csrf 时,所有请求都在没有身份验证的情况下工作。请在我的安全配置下方找到。

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter 
    @Override
    protected void configure(HttpSecurity http) throws Exception 
        http.csrf().disable()
                .authorizeRequests()//.anyRequest().permitAll()
                .antMatchers("/actuator/**","/v1/foo/link")
                .permitAll()
                .antMatchers("/**")
                .authenticated()
                .and()
                .oauth2ResourceServer()
                .jwt(withDefaults());

请纠正我遗漏的地方。谢谢。。

【问题讨论】:

【参考方案1】:

我在提到的 *** 链接中找到了这个答案,它正在工作。

@Override
public void configure(WebSecurity web) throws Exception 
    web.ignoring().antMatchers("/v1/foo/link").antMatchers("/v1/refer/link");

Spring Security exclude url patterns in security annotation configurartion

【讨论】:

以上是关于Spring security permit all 不适用于多个 url的主要内容,如果未能解决你的问题,请参考以下文章

android 关于CLEARTEXT communication to xxx.xxx not permitted by network security policy错误

解决CLEARTEXT communication to XXX not permitted by network security

android 关于CLEARTEXT communication to xxx.xxx not permitted by network security policy错误

android 关于CLEARTEXT communication to xxx.xxx not permitted by network security policy错误

Spring Boot做文件上传时出现了The field file exceeds its maximum permitted size of 1048576 bytes.错误

Magento错误 Illegal scheme supplied, only alphanumeric characters are permitted