我们的配置看起来像这样一个特殊的路径添加过滤器:如何仅供WebSecurityConfigurerAdapter
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
public static final String LOGIN_PATH_EXPRESSION = "/login";
public static final String API_PATH_EXPRESSION = "/api/**/*";
public static final String GLOBAL_PATH_EXPRESSION = "/**/*";
@Autowired
@Qualifier("ssoFilter")
private Filter ssoFilter;
@Autowired
private VerifyingProcessingFilter verifyingProcessingFilter;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.userDetailsService(username -> new User(username, "", Collections.emptyList()))
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers(LOGIN_PATH_EXPRESSION)
.authenticated()
.and()
.httpBasic()
.and()
.authenticationProvider(new SimpleAuthenticationProvider())
.authorizeRequests()
.antMatchers(API_PATH_EXPRESSION).authenticated()
.and()
.addFilterBefore(ssoFilter, BasicAuthenticationFilter.class)
.addFilterAfter(verifyingProcessingFilter, FilteredOAuth2AuthenticationProcessingFilter.class)
.authorizeRequests()
.antMatchers(GLOBAL_PATH_EXPRESSION)
.permitAll()
.and()
.csrf()
.disable();
}
,并认识到我们的FilteredOAuth2AuthenticationProcessingFilter
内结束/login
通话中,问我们自己为什么会这样。
目标是让ssoFilter
和verifyingProcessingFilter
仅在与路径api/**/*
碰撞端点时应用。
现在我们必须在过滤器内部添加一个AntMatching检查,以便它仅适用于正确的请求,但我认为应该可以将它添加到匹配的请求中。
有人可以提供一个关于如何添加一个过滤器到一个特定的Ant匹配路径请求的例子吗?