@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/security/**")
.authenticated()
//支持跨域
.and()
.cors()
.and()
.csrf()
.disable();
//配置security访问控制,必须认证过后才可以访问
}
红色的支持跨域
以下配置还是有必要的!
如果没有oauth2,只需要下面这一段就行
@Configuration public class CorsConfig implements WebMvcConfigurer { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedOrigins("*") .allowCredentials(true) .allowedMethods("GET", "POST", "DELETE", "PUT","OPTIONS","PATCH") .maxAge(3600); } }