可以自定义SecurityFilterChain
package cn.edu.tju.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
public class MyConfig {
@Bean
SecurityFilterChain web(HttpSecurity http) throws Exception {
http.authorizeHttpRequests((authorize) ->
{
authorize.requestMatchers("/hi").permitAll();
authorize.anyRequest().authenticated();
try {
authorize.and().formLogin();
} catch (Exception e) {
e.printStackTrace();
}
}
);
return http.build();
}
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring();
}
}