Spring安全性不安全的根路径
在我看来,这个配置应该允许根用户对站点的所有页面进行安全保护 访问site.com后,我会看到主页,但应该重定向到登录页面Spring安全性不安全的根路径,spring,spring-security,Spring,Spring Security,在我看来,这个配置应该允许根用户对站点的所有页面进行安全保护 访问site.com后,我会看到主页,但应该重定向到登录页面 @Override protected void configure(HttpSecurity http) throws Exception { http.csrf() .disable() .authorizeRequests() .antMatcher
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf()
.disable()
.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.antMatchers("/register").permitAll()
.antMatchers("/login").permitAll()
.and();
http.formLogin()
.loginPage("/login")
.loginProcessingUrl("/j_spring_security_check")
.successHandler(getAuthenticationSuccess())
.failureUrl("/login?error=accessDenied")
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll()
.and()
.authorizeRequests()
.antMatchers("/**").authenticated()
.anyRequest().authenticated()
.and();
http.logout()
.logoutSuccessUrl("/")
.logoutUrl("/logout")
.permitAll();
http.headers().xssProtection();
您应该在看到主页后注销。如果要重定向到登录页面,请输入登录url以注销成功url
http.formLogin()
.loginPage("/login")
.loginProcessingUrl("/j_spring_security_check")
.successHandler(getAuthenticationSuccess())
.failureUrl("/login?error=accessDenied")
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll()
.and()
.authorizeRequests()
.antMatchers("/**").authenticated()
.anyRequest().authenticated()
.and()
.logout()
.logoutSuccessUrl("/login")
.permitAll();