我遵循spring security 3.2 doc编写一个示例应用程序。 http.authorizeRequests()。anyRequest()。authenticated()是否意味着任何请求都拒绝谁不登录?但我访问任何可访问的网址。配置我已经失踪了吗?spring security 3.2 java配置
@Configuration
public class SpringWebMVCApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] { SecurityConfig.class };
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[] { WebConfig.class };
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
用SpringMVC配置
@Configuration
@EnableWebMvc
@ComponentScan("org.jxs.mm.controller")
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/assets/**").addResourceLocations("/assets/");
registry.addResourceHandler("/favicon.ico").addResourceLocations("/favicon.ico");
}
}
春季安全配置
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated();
}
}
是的,我很想念它。谢谢! – user1434702