如何在spring安全中允许单个url
我有两个得到网址如何在spring安全中允许单个url,spring,http,spring-security,jwt,Spring,Http,Spring Security,Jwt,我有两个得到网址 /api/appconsole/app/{appid} /api/appconsole/app/search 我想保护第二个API,但想允许第一个API 下面是websecurityconfig.java文件。 我应该写什么,以便它只允许第一个api,即/api/appconsole/app/{appid} httpSecurity.csrf().disable() .exceptionHandling().authenticationEntr
httpSecurity.csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
// don't create session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
//.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
// allow anonymous resource requests
.antMatchers(
HttpMethod.GET,
"/",
"/file/**/*.*",
"/*.html",
"/favicon.ico",
"/**/*.html",
"/**/*.css",
"/**/*.js"
).permitAll()
.antMatchers(HttpMethod.GET, "/api/appconsole/app/{appid}").permitAll()
.antMatchers(HttpMethod.OPTIONS, "/api/**").permitAll()
.antMatchers("/ws/**").permitAll()
.antMatchers("/upload").permitAll()
.antMatchers("/login/**").permitAll()
.antMatchers("/registration/**").permitAll()
.antMatchers("/api/orbeon/**").permitAll()
.anyRequest().authenticated();
提前感谢。订购事宜:
http ...
.antMatchers(HttpMethod.GET, "/api/appconsole/app/search").authenticated()
.antMatchers(HttpMethod.GET, "/api/appconsole/app/*").permitAll()
尝试添加AntMatcher(“/api/appconsole/app/search”)。authenticated()您对
/api/appconsole/app/search
使用什么HTTP方法?您是否使用选项
或获取
?