Spring 当从控制器加载模板时，Thymeleaf再次尝试进行身份验证_Spring_Spring Mvc_Spring Security_Spring Boot_Thymeleaf

Spring 当从控制器加载模板时，Thymeleaf再次尝试进行身份验证

spring spring-mvc spring-security spring-boot

Spring 当从控制器加载模板时，Thymeleaf再次尝试进行身份验证,spring,spring-mvc,spring-security,spring-boot,thymeleaf,Spring,Spring Mvc,Spring Security,Spring Boot,Thymeleaf,我想使用Thymeleaf从控制器渲染导航视图。但是，导航应该基于用户的权限，所以我不想将其从Spring安全性中排除。因此，我使用UrlTemplateResolver： package it.vertyze.platform.web.controllers; import javax.annotation.PostConstruct; import org.springframework.beans.factory.annotation.Autowired; import org.spr

我想使用Thymeleaf从控制器渲染导航视图。但是，导航应该基于用户的权限，所以我不想将其从Spring安全性中排除。因此，我使用UrlTemplateResolver：

package it.vertyze.platform.web.controllers;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.thymeleaf.spring4.SpringTemplateEngine;
import org.thymeleaf.templateresolver.UrlTemplateResolver;

@Configuration
public class VZMVCConfig extends WebMvcConfigurerAdapter {

    @Autowired
    private SpringTemplateEngine templateEngine;

    @PostConstruct
    public void templateResolverExtension(){
        UrlTemplateResolver urlTemplateResolver = new UrlTemplateResolver();
        urlTemplateResolver.setOrder(20);
        templateEngine.addTemplateResolver(urlTemplateResolver);
    }


}

然而，当我登录到我的网站，链接甚至没有得到解决。相反，我被重定向到登录页面。当我禁用安全性时，我会得到一个模板未找到错误，因此模板解析器不会呈现控制器的输出，但当我导航到它时，它会精确呈现我想要的HTML。这是我的安全配置：

package it.vertyze.platform.web.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebMvcSecurity
public class VZWebSecurityConfig extends WebSecurityConfigurerAdapter{

    @Autowired
    VZUserDetailsService userDetailsService;

    @Autowired
    public void configure(AuthenticationManagerBuilder auth) throws Exception{
        auth.userDetailsService(userDetailsService).passwordEncoder(encoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception{
            http
            .authorizeRequests()
                .antMatchers("/", "/home").permitAll()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                .permitAll()
                .and()
            .logout()
                .permitAll();
    }

    @Bean
    public PasswordEncoder encoder(){
        return new BCryptPasswordEncoder();
    }

}

这里是我调用封闭模板中的链接的地方：

<div th:replace="${topNavLinks.getHref()}"></div>