Security configuration with Spring-boot

前端未结

关注

 3  958

I created a Spring Security configuration class for Spring-Boot. My login page has resources css, js and ico files. The resources are getting denied for security reasons and

相关标签:

3条回答

小鲜肉

2020-12-14 20:49

Per the docs you have disabled the spring boot autoconfig in the first example by using @EnableWebSecurity, so you would have to explicitly ignore all the static resources manually. In the second example you simply provide a WebSecurityConfigurer which is additive on top of the default autoconfig.

0 讨论(0)
发布评论:

提交评论
- 加载中...

栀梦

2020-12-14 20:58

Add below method to by pass security for css and js in security config -

 @Override
    public void configure(WebSecurity web) throws Exception {
       web.ignoring().antMatchers("/css/** **","/js/** **");
    }

0 讨论(0)

忘了有多久

2020-12-14 21:02

Create a Configuration file that extends WebSecurityConfigurerAdapter and annotate the class with @EnableWebSecurity

You can override methods like configure(HttpSecurity http) to add basic security like below

@Configuration
@EnableWebSecurity
public class AppWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {    
        http
            .csrf().disable()
            .authorizeRequests()
                .anyRequest().permitAll();
        }
}

0 讨论(0)