首頁 探索 說明
註冊 登入
github
/
spring-security-samples
镜像来自 https://github.com/spring-projects/spring-security-samples
2
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

Specify MVC endpoint

Josh Cummings 2 年之前
父節點
c5b9a9fb7a
當前提交
1c998d978a
共有 1 個文件被更改,包括 12 次插入3 次删除
分割檢視 顯示文件統計
  1. 12 3
      servlet/java-configuration/authentication/preauth/src/main/java/example/SecurityConfiguration.java

+ 12 - 3
servlet/java-configuration/authentication/preauth/src/main/java/example/SecurityConfiguration.java
查看文件 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2016 the original author or authors.
 
+ * Copyright 2002-2023 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -17,6 +17,7 @@ package example;
 
 
 import org.springframework.context.annotation.Bean;
 
 import org.springframework.context.annotation.Configuration;
 
+import org.springframework.context.annotation.Scope;
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
 import org.springframework.security.core.userdetails.User;
 
@@ -24,17 +25,19 @@ import org.springframework.security.core.userdetails.UserDetails;
 
 import org.springframework.security.core.userdetails.UserDetailsService;
 
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 import org.springframework.security.web.SecurityFilterChain;
 
+import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
 
+import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
 
 @Configuration
 
 @EnableWebSecurity
 
 public class SecurityConfiguration {
 
 
 	@Bean
 
-	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 
+	public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception {
 
 		// @formatter:off
 
 		http
 
 				.authorizeHttpRequests((authorize) -> authorize
 
-						.requestMatchers("/login", "/resources/**").permitAll()
 
+						.requestMatchers(mvc.pattern("/login"), mvc.pattern("/resources/**")).permitAll()
 
 						.anyRequest().authenticated()
 
 				)
 
 				.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
 
@@ -42,6 +45,12 @@ public class SecurityConfiguration {
 
 		return http.build();
 
 	}
 
 
+	@Scope("prototype")
 
+	@Bean
 
+	MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) {
 
+		return new MvcRequestMatcher.Builder(introspector);
 
+	}
 
+
 
 	// @formatter:off
 
 	@Bean
 
 	public UserDetailsService userDetailsService() {