刚刚从3.2.7迁移到4.0.1并遇到此问题,
我的配置:
http .anonymous().disable() .authorizeRequests() .antMatchers("/*Service/**") .hasIpAddress(subnetMask)
3.2.7:响应200
4.0.1:AUTHORIZATION_FAILURE
答案 0 :(得分:0)
结果是默认角色前缀被添加到ConfigAttribute,
`@EnableGlobalMethodSecurity(jsr250Enabled=true)
public class SecurityConfiguration extends GlobalMethodSecurityConfiguration
@Inject Jsr250MethodSecurityMetadataSource ms;
ms.setDefaultRolePrefix("R_");`