在我的Spring Boot应用程序中,我将Spring Security配置为
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests()
.antMatchers("/css/**", "/js/**", "/images/**", "**/index.html").permitAll()
.antMatchers("/**.html").permitAll()
.antMatchers(HttpMethod.POST, "/login").permitAll()
.anyRequest().authenticated()
.and()
.addFilterBefore(new LoginFilter("/login"), BasicAuthenticationFilter.class)
.addFilterBefore(new TokenFilter(), BasicAuthenticationFilter.class);
}
}
我在index.html下有resources/static/index.html。启用安全性后,此服务停止了。我错过了什么?
如果我在没有任何安全性的情况下返回,我会在服务器上呈现我的HTML。
答案 0 :(得分:0)
尝试更改为/**/index.html。对于Ant路径匹配器
? matches one character
* matches zero or more characters
** matches zero or more directories in a path
{spring:[a-z]+} matches the regexp [a-z]+ as a path variable named "spring"