1 springsecurity放行的时候注意路径写全,不然放行不生效
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/login","/logout","/table-card/image/download/*")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
// .loginPage("/cd/login")
.loginProcessingUrl("/card/login")
.defaultSuccessUrl("/table-card/test")
.permitAll()
.and().addFilterAt(this.userAuthFilter(), UsernamePasswordAuthenticationFilter.class)
;
}
开始的时候写download/*
、/image/download/*
都不生效,最后将请求路径端口号后方补全就可以访问了
全路径http://localhost:9900/table-card/image/download/1608536489022.png