Spring Security 配置多种拦截规则
Spring Security Spring Boot About 1,295 words单一配置
Spring Security 6
中如果没有指定securityMatcher
,默认会拦截所有路径。
@Bean
SecurityFilterChain securityFilterChain1(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(authorizeHttpRequests ->
authorizeHttpRequests.anyRequest().authenticated()
);
return http.build();
}
多配置
Spring Security 6
中使用securityMatcher
,配置多种路径拦截规则。
如果配置的SecurityFilterChain
都应用了securityMatcher
,则不符合拦截规则的路径,都将不会被Spring Security
拦截。
@Bean
@Order(0)
SecurityFilterChain securityFilterChain0(HttpSecurity http) throws Exception {
http
.securityMatcher("/web/**")
.authorizeHttpRequests(authorizeHttpRequests -> {
authorizeHttpRequests.requestMatchers("/web/login").permitAll();
authorizeHttpRequests.anyRequest().authenticated();
});
return http.build();
}
@Bean
@Order(1)
SecurityFilterChain securityFilterChain1(HttpSecurity http) throws Exception {
http
.securityMatcher("/api/**")
.authorizeHttpRequests(authorizeHttpRequests ->
authorizeHttpRequests.anyRequest().authenticated()
);
return http.build();
}
参考文档
Views: 1,071 · Posted: 2024-04-26
————        END        ————
Give me a Star, Thanks:)
https://github.com/fendoudebb/LiteNote扫描下方二维码关注公众号和小程序↓↓↓
Loading...