将spring security从3.2.7.RELEASE迁移到4.0.0.RELEASE

时间:2015-05-13 05:13:55

标签: spring-security

刚刚从3.2.7迁移到4.0.1并遇到此问题,

我的配置:

http .anonymous().disable() .authorizeRequests() .antMatchers("/*Service/**") .hasIpAddress(subnetMask)
  

3.2.7:响应200

     

4.0.1:AUTHORIZATION_FAILURE

1 个答案:

答案 0 :(得分:0)

结果是默认角色前缀被添加到ConfigAttribute,

`@EnableGlobalMethodSecurity(jsr250Enabled=true)
public class SecurityConfiguration extends GlobalMethodSecurityConfiguration

@Inject Jsr250MethodSecurityMetadataSource ms;

ms.setDefaultRolePrefix("R_");`