SpringSecurity使用httpBasic模式静态资源拦截问题
长沙大猫 2019-02-18 11:05:35 我使用SpringSecurity使用httpBasic模式时候 static下面的静态资源也会被拦截需要输入用户名密码.请问如何跳过这个拦截咧?以下是我SecurityConfigurer的代码 请各位大侠帮帮忙
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/static/**").permitAll()
.antMatchers("/").permitAll()
.anyRequest().authenticated()
.and()
.sessionManagement()
.and()
.logout()
.and()
.httpBasic();
}
@Override
public void configure(WebSecurity web) throws Exception {
// 设置不拦截规则
web.ignoring().antMatchers("/static/**");
}
// 用户认证信息
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// 设置用户账号信息和权限
auth.inMemoryAuthentication().withUser("admin").password("123456").authorities("showOrder");
}
@Bean
public static NoOpPasswordEncoder passwordEncoder() {
return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
}
}