在pom.xml中配置了
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
但是在程序中没有实现 WebSecurityConfigurerAdapter, 配置访问path的授权。
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled=true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override protected void configure( HttpSecurity httpSecurity ) throws Exception { //httpSecurity.authorizeRequests().anyRequest().permitAll(); httpSecurity.csrf().disable(); httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() .authorizeRequests() .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() .antMatchers(HttpMethod.POST).permitAll() .antMatchers(HttpMethod.PUT).permitAll() .antMatchers(HttpMethod.DELETE).permitAll() .antMatchers(HttpMethod.GET).permitAll(); httpSecurity.headers().cacheControl(); }
}