一、获取路径参数
想要判断路径参数是否与登陆用户的用户名相同,配置如下:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/").authenticated()
.antMatchers("/readingList/{reader}").access("isAuthenticated() and principal.username==#reader and hasRole('ROLE_READER')")
.and()
.formLogin();
}