我使用这些值生成了一个JHipster应用程序:
{
"generator-jhipster":
{
"jhipsterVersion": "4.13.0",
"baseName": "app",
"packageName": "my.app",
"packageFolder": "my/app",
"serverPort": "8080",
"authenticationType": "session",
"hibernateCache": "ehcache",
"clusteredHttpSession": "no",
"websocket": "no",
"databaseType": "sql",
"devDatabaseType": "h2Disk",
"prodDatabaseType": "mysql",
"searchEngine": "elasticsearch",
"buildTool": "gradle",
"enableSocialSignIn": false,
"rememberMeKey": "",
"clientFramework": "angularX",
"useSass": true,
"applicationType": "monolith",
"testFrameworks": [],
"jhiPrefix": "jhi",
"enableTranslation": false
}
}
我想允许匿名用户查看实体,但不允许更新或删除该实体。
我已尝试编辑生成的 SecurityConfiguration.java 文件,以便在configure(HttpSecurity http)方法中为permitAll(HttpMethod.GET,"/**")添加authorizeRequests()。
.and()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/api/products").permitAll()
当我尝试访问该实体时,我仍然收到此消息。
Resolved exception caused by Handler execution: org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource
我知道这个问题类似于:JHipster: Enable anonymous users to read entity, but not update?
我试图在这里使用相同的解决方案,但它不起作用。我应该在前端改变一些东西吗?
你能帮我解决这个问题吗?
谢谢