1. 技术文章
  2. Apply spring security only to one page

Apply spring security only to one page

寵の児 提交于 2021-02-11 15:37:29

问题


I have a typical security configuration:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .antMatchers("/", "/index").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .permitAll()
            .and()
            .logout()
            .permitAll();
    //http.authorizeRequests().antMatchers("/resources/**").permitAll().anyRequest().permitAll();
}

Now spring is asking for a login for everything except of the login page... But how could I make it the other way, so it asks for login page ONLY for the view /index? Od only for a group of endpoints? Thanks!


回答1:


Try this:

       http
        .authorizeRequests()
        .antMatchers("/", "/index").authenticated()//Makes / and /index to be authenthicated
        .anyRequest().permitAll()//Makes any other allow without authentication. Or if you want a group use antMatchers here too.
        .and()
        .formLogin()
        .loginPage("/login")
        .permitAll()
        .and()
        .logout()
        .permitAll();


来源:https://stackoverflow.com/questions/61273204/apply-spring-security-only-to-one-page

标签
java
Spring
security
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!