我已经使我的授权服务器在春季启动时显示了以下代码,但问题是我想为我的授权服务器启用运行状况矩阵,但是我也添加了必需的Maven依赖项和设置,但仍然无法访问执行器提供的信息,请告知我如何启用相同的
用于Web安全配置适配器的代码,我猜是因为所有对URL的访问都进入了登录页面,所以阻止了恶意代码
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/resources/**", "/static/**", "/css/**", "/fonts/**", "/js/**", "/img/**", "/favicon.ico");
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/client/**", "/oauth/token/**", "/client/authentication", "/user/authentication", "/clientToken", "/my/**", "/resources/**").permitAll()
.antMatchers("/login*").permitAll()
.antMatchers("/resources/**", "/arrow.png", "/favicon.ico").permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin().loginPage("/login").permitAll()
// .successForwardUrl("/welcome")
// .failureForwardUrl("/api/error")
;
http.logout()
.logoutUrl("/logout")
.deleteCookies("JSESSIONID")
.invalidateHttpSession(true);
http.csrf().disable();
}
}