我已经实现了spring基本身份验证,但是有一些我不想进行身份验证的URL。例如,http://www.mywebsite.com/rest/signUp
如何使这个未经身份验证?
@Transactional
@RequestMapping(value = "/signUp", headers = "Accept=application/json", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
public @ResponseBody String signUp(@RequestParam("user_name") String login,
@RequestParam("pass_word") String passWord,
@RequestParam("first_name") String firstName,
@RequestParam("last_name") String lastName,
@RequestParam("network_name") String networkName,
@RequestParam("email") String email) {
if(!userDAO.loginExists(login)) {
User user = new User();
user.setLogin(login);
user.setFirstName(firstName);
user.setLastName(lastName);
user.setNetworkName(networkName);
user.setEmail(email);
user.setPassword(passWord);
sessionFactory.getCurrentSession().save(user);
return json("success");
}
return json("failure");
}
答案 0 :(得分:0)
<http>
<intercept-url pattern="/rest/signUp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<!-- your other interceptor-url elements -->
</http>
为您的注册服务添加一个intercept-url模式,该模式是匿名验证的。