这是官方文档给出的基本配置,默认会拦截所有路径
importorg.springframework.context.annotation.Bean;importorg.springframework.context.annotation.Configuration;importorg.springframework.security.config.annotation.web.builders.HttpSecurity;importorg.springframework.security.config.annotation.web.builders.WebSecurity;importorg.springframework.security.config.annotation.web.configuration.EnableWebSecurity;importorg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;importorg.springframework.security.core.userdetails.User;importorg.springframework.security.core.userdetails.UserDetails;importorg.springframework.security.core.userdetails.UserDetailsService;@Configuration@EnableWebSecuritypublicclassWebSecurityConfigextendsWebSecurityConfigurerAdapter{@Overrideprotectedvoidconfigure(HttpSecurity http)throwsException{
http.authorizeRequests().antMatchers("/","/home").permitAll().anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().and().logout().permitAll();}@Bean@OverridepublicUserDetailsServiceuserDetailsService(){UserDetails user=User.withUsername("admin1").password("123456").roles("admin").build();// User.withDefaultPasswordEncoder()// .username("user")// .password("password")// .roles("USER")// .build();returnnull;}}
如果有一个请求路径是http://localhost:8125/test/method1
不想被拦截,需要在这个类里边加上这一句
@Overridepublicvoidconfigure(WebSecurity web)throwsException{
web.ignoring().antMatchers("/test/method1");}
也可以用正则表达式
web.ignoring().antMatchers("/test/method*");
这样会忽略所有路径
web.ignoring().antMatchers("/**");