spring引导蚂蚁匹配器参数

我想对以下每个URL授予权限：

.antMatchers("/myPage?param1=tata*").hasRole("tata")
.antMatchers("/myPage?param1=toto*").hasRole("toto")

我有两个URL：

http://localhost:3000/myPage?param1=tata&param2=0001
http://localhost:3000/myPage?param1=toto&param2=0001

---

如果URL是键入的，并且有“

tata

”作为参数，我只想通过角色“

tata

”访问，而“

toto

”也是如此，那么您可以使用

RegexRequestMatcher

而不是

AntPathRequestMatcher

http
    .authorizeRequests()
         .regexMatchers("\/myPage\?param1=tata(&.*|$)"). hasRole('tata')
         .regexMatchers("\/myPage\?param1=toto(&.*|$)"). hasRole('toto')

AntPathRequestMatcher

不匹配参数，正如您可以从

RegexRequestMatcher

将获取请求路径和

---

问题在于，我不知道我是否只放了一个或两个或其他什么？

private String getRequestPath(HttpServletRequest request) {
        if (this.urlPathHelper != null) {
            return this.urlPathHelper.getPathWithinApplication(request);
        }
        String url = request.getServletPath();

        String pathInfo = request.getPathInfo();
        if (pathInfo != null) {
            url = StringUtils.hasLength(url) ? url + pathInfo : pathInfo;
        }

        return url;
    }

public boolean matches(HttpServletRequest request) {
        if (httpMethod != null && request.getMethod() != null
                && httpMethod != valueOf(request.getMethod())) {
            return false;
        }

        String url = request.getServletPath();
        String pathInfo = request.getPathInfo();
        String query = request.getQueryString();

        if (pathInfo != null || query != null) {
            StringBuilder sb = new StringBuilder(url);

            if (pathInfo != null) {
                sb.append(pathInfo);
            }

            if (query != null) {
                sb.append('?').append(query);
            }
            url = sb.toString();
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Checking match of request : '" + url + "'; against '" + pattern
                    + "'");
        }

        return pattern.matcher(url).matches();
    }