我尝试实现spring security,但是我有很多角色和权限,然后我想将角色动态添加到彼此的资源中。喜欢它:
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//PageRequest p = new PageRequest(0, 1000);
List<RolePrivilegeConfig> rolePrivilegesConfig=rolePrivilegeConfigService.findAll();
for (RolePrivilegeConfig rolePrivilegeConfig : rolePrivilegesConfig) {
http.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers(rolePrivilegeConfig.getResource())
.access(rolePrivilegeConfig.getRoleName())
.anyRequest().authenticated();
} }
我有这个错误:
Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Can't configure antMatchers after anyRequest.
如何将所有匹配器和调用请求放在后面?
最佳答案
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//PageRequest p = new PageRequest(0, 1000);
List<RolePrivilegeConfig> rolePrivilegesConfig=rolePrivilegeConfigService.findAll();
http.authorizeRequests()
.antMatchers("/login").permitAll();
for (RolePrivilegeConfig rolePrivilegeConfig : rolePrivilegesConfig) {
http.authorizeRequests()
.antMatchers(rolePrivilegeConfig.getResource())
.access(rolePrivilegeConfig.getRoleName());
}
http.authorizeRequests()
.anyRequest().authenticated();
}
关于java - 如何将匹配器添加到 HttpSecurity spring web secure,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58420224/