我有以下代码:
<intercept-url pattern="/authenticated/**/" access="isAuthenticated()" />
<intercept-url pattern="/authenticated/files/**" access="none" />
我希望Spring安全保护从/authenticated派生的所有链接,authenticated/files除外。这种安全可能吗?
答案 0 :(得分:1)
更具体地移动更具体的条件:
<http use-expressions="true">
<intercept-url pattern="/authenticated/files/**" access="permitAll" />
<intercept-url pattern="/authenticated/**" access="isAuthenticated()" />
...
</http>