Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring安全性不安全的根路径_Spring_Spring Security - Fatal编程技术网
Fatal编程技术网
  • spring/
  • Spring安全性不安全的根路径

Spring安全性不安全的根路径

spring spring-security

Spring安全性不安全的根路径,spring,spring-security,Spring,Spring Security,在我看来,这个配置应该允许根用户对站点的所有页面进行安全保护 访问site.com后,我会看到主页,但应该重定向到登录页面 @Override protected void configure(HttpSecurity http) throws Exception { http.csrf() .disable() .authorizeRequests() .antMatcher

在我看来,这个配置应该允许根用户对站点的所有页面进行安全保护

访问site.com后,我会看到主页,但应该重定向到登录页面

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf()
                .disable()
                .authorizeRequests()
                .antMatchers("/resources/**").permitAll()
                .antMatchers("/register").permitAll()
                .antMatchers("/login").permitAll()

                .and();

        http.formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/j_spring_security_check")
                .successHandler(getAuthenticationSuccess())
                .failureUrl("/login?error=accessDenied")
                .usernameParameter("j_username")
                .passwordParameter("j_password")
                .permitAll()
                .and()
                .authorizeRequests()
                .antMatchers("/**").authenticated()
                .anyRequest().authenticated()
                .and();
        http.logout()
                .logoutSuccessUrl("/")
                .logoutUrl("/logout")
                .permitAll();

        http.headers().xssProtection();
您应该在看到主页后注销。如果要重定向到登录页面,请输入登录url以注销成功url

http.formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/j_spring_security_check")
                .successHandler(getAuthenticationSuccess())
                .failureUrl("/login?error=accessDenied")
                .usernameParameter("j_username")
                .passwordParameter("j_password")
                .permitAll()
                .and()
                .authorizeRequests()
                .antMatchers("/**").authenticated()
                .anyRequest().authenticated()
                .and()
                .logout()
                .logoutSuccessUrl("/login")
                .permitAll();