我想进行登录配置,以使具有特定类型/mvc/**的URL进入某个特定位置进行登录,而其他所有/**均具有不同的URL。下面是我的代码。我究竟做错了什么 。如果我的蚂蚁匹配器为/rest/**,但我需要它与/**一起使用,它就可以使用。
@Configuration
@Order(1)
public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
public App1ConfigurationAdapter() {
super();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/ui/**")
.headers()
.frameOptions().sameOrigin() // needed for H2 console to work
.and()
.csrf().disable()
.exceptionHandling()
.authenticationEntryPoint(new ContinueAuthenticationEntryPoint(“/login”))
.and()
.authorizeRequests()
.antMatchers("/doImport").permitAll()
.antMatchers("/health", "/info").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login").permitAll()
.and()
.logout().permitAll()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.httpBasic()
.and()
.exceptionHandling().accessDeniedPage("/access-denied");
}
}
配置的第二部分
Configuration
@Order(2)
public static class App1ConfigurationAdapter extends WebSecurityConfigurerAdapter {
public App1ConfigurationAdapter() {
super();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/**")
.headers()
.frameOptions().sameOrigin() // needed for H2 console to work
.and()
.csrf().disable()
.exceptionHandling()
.authenticationEntryPoint(new ContinueAuthenticationEntryPoint(“/login”))
.and()
.authorizeRequests()
.antMatchers("/doImport").permitAll()
.antMatchers("/health", "/info").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login2").permitAll()
.and()
.logout().permitAll()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.httpBasic()
.and()
.exceptionHandling().accessDeniedPage("/access-denied");
}
}
但是每次调用第二个而不是第一个。